MSc in Digital Currency

DFIN-511: Introduction to Digital Currencies

 Session 2
The Byzantine Generals’ Problem & the Bitcoin Solution
DFIN-511: Introduction to Digital Currencies

2
 Objectives of Session 2
Recognize centralized asset & transaction ledgers
Understand the Byzantine Generals’ Problem
Understand how Bitcoin addresses the Byzantine Generals’ Problem
Review some key Bitcoin metrics and developments in practice

Thousands of cryptocurrencies/tokens exist out there. This session will provide the basis for understanding
the theoretical underpinnings of Blockchain technology and Bitcoin – as the paradigm, thinking about their
broader implications and the practical exercises that will follow in the later sessions.

Students new to this technology will find this the most challenging session of the course. It is important to
invest as much time as is needed in understanding this part and to not be discouraged. It took most of us
many hours/days/weeks to understand this part!

Introduction to Digital Currencies

MSc in Digital Currency 3
 Agenda
1. Asset and Transaction Ledgers
2. The Byzantine Generals’ Problem
3. The Bitcoin Approach to the Byzantine Generals’ Problem
4. Bitcoin: Some Key Metrics
5. Conclusions
6. Further Reading

Introduction to Digital Currencies

MSc in Digital Currency 4
1. Asset and Transaction Ledgers
 Some Useful Definitions

Ledger: A complete record for a business's economic activities, usually used

to keep track of transfer of money and transfer of asset ownership.

Blockchain: A tamper-proof*, shared digital ledger that records transactions in a

decentralized peer-to-peer network. The permanent recording of
transactions in the Blockchain stores permanently the history of
asset exchanges that take place between the peers(participants)
in the network.

SHA-256: A cryptographic hash acts like a 'signature' for a text or a data file. Can be used to
confirm file integrity and authenticity. The SHA-256 cryptographic hash generates
an almost-unique 256-bit (32-byte) signature for a text or data file

Use an online hash converter such as https://hash.online-convert.com/ and enter the text you want to convert.
Then, try changing just a letter to see how the hash generated significantly varies each time a change is made.
e.g. try to see the difference between the words “Bitcoin” and “bitcoin”
*Cannot be changed or interfered

Introduction to Digital Currencies

MSc in Digital Currency 6
 The Role of Ledgers
Ledgers are used to record economic
activities and prove the ownership and the
transfer of the value of assets among various
stakeholders such as consumers, suppliers,
producers and market makers

The assets recorded in a ledger can be:

Tangible i.e. motor vehicles, houses
or,
Intangible i.e. money, stock certificates, digital
rights.

Introduction to Digital Currencies

MSc in Digital Currency
 Centralized Ledgers
We take centralized ledgers (with trusted record-keepers) for granted because we have never before
had a practical alternative

If we let any untrusted party enter transactions in an important traditional ledger, chaos is likely to
ensue (would you, for example, let strangers keep track of your checking account balance?)

Given this, a trusted party is in charge of all ledgers of importance in modern society, whether it is the
bank which “stores” your funds, or your local land registry office for the title deeds for your house

Centralized ledgers, however, are not perfect because record-keepers are not always trustworthy, act as
gatekeepers and represent a Single Point of Failure
Record-keepers might not be trustworthy in practice. They may, for example, take a bribe to transfer a piece of
land illegally
Record-keepers might exclude parties that they disapprove of (e.g. banks which do not allow transactions
from/to cryptocurrency exchanges)
Record-keepers might lose important transaction records, even if they are well-intentioned, due to
carelessness, natural disaster and so on

Introduction to Digital Currencies

MSc in Digital Currency 8
 We are surrounded by centralized ledgers
Your bank account The list of title deed holders
transactions at your land registry office

Your credit card transactions Every Ledger

You Know Is The guest reservations at a
Centralized hotel
with a
The General Ledger ‘Trusted’
underlying your company’s Record-keeper
financial statements The names of lessees of cars
leased by a car company

The ownership records of The records relating to your

corporate securities citizenship, such as your
national ID number

Introduction to Digital Currencies

MSc in Digital Currency 9
 Examples of Traditional Business Ledgers

Accounting
Are centralized record-keepers indeed
Ledgers trustworthy?
Academic Bank
Certificates Accounts

• Cyprus 2013 “haircut” on bank deposits

•
Citizenship
Records Ledgers Land
Registries
•
Fake academic certificates presented to
employers
Loss of records of land registries in Less
Developed Countries
• No transparency of patients’ medical records
among different medical institutions
Hotel Securities
Reservations Records
And many more…
Medical
Records

Introduction to Digital Currencies

MSc in Digital Currency 10
 Decentralized Ledgers
A successful decentralized ledger that allowed parties that did not know or trust each other to transact
together would have a wide range of advantages. In fact, it practically sounds like a fairy tale in
traditional terms:
Invulnerable to censorship and exclusion
Invulnerable to malfeasance by record-keepers
Invulnerable to loss of records

One of the reasons for the excitement of technologists about Blockchain is that they believe Bitcoin is the
first practical use case of this technology that could allow for the decentralization of all business ledgers

Introduction to Digital Currencies

MSc in Digital Currency 11
 Why Bitcoin Matters?
“A mysterious new technology emerges, seemingly out of nowhere, but actually the result of two decades of intense
research and development by nearly anonymous researchers. Political idealists project visions of liberation and
revolution onto it; establishment elites heap contempt and scorn on it. On the other hand, technologists – nerds – are
transfixed by it. They see within it enormous potential and spend their nights and weekends tinkering with it. Eventually
mainstream products, companies and industries emerge to commercialize it; its effects become profound; and later,
many people wonder why its powerful promise wasn’t more obvious from the start. What technology am I talking
about? Personal computers in 1975, the Internet in 1993, and – I believe – Bitcoin in 2014….

The practical consequence of solving this problem is that Bitcoin gives us, for the first time, a way for one Internet user
to transfer a unique piece of digital property to another Internet user, such that the transfer is guaranteed to be safe
and secure, everyone knows that the transfer has taken place, and nobody can challenge the legitimacy of the transfer.
The consequences of this breakthrough are hard to overstate.

What kinds of digital property might be transferred in this way? Think about digital signatures, digital contracts, digital
keys (to physical locks, or to online lockers), digital ownership of physical assets such as cars and houses, digital stocks
and bonds … and digital money.”

Marc Andreessen, Founder of Netscape & well-known venture capitalist, 2014

Source: http://dealbook.nytimes.com/2014/01/21/why-bitcoin-matters/

Introduction to Digital Currencies

MSc in Digital Currency 12
2. The Byzantine Generals’ Problem
 The Byzantine Generals’ Problem (BGP)
The problem of building a distributed and trusted system is not a new one in computer science. It is a
common challenge in distributed systems with no central control to enforce trust. Imagine, for example, a
computer system with distributed components that need to communicate information to each other, but that
information might fail to communicate accurately due to technical failures

The Byzantine Generals’ Problem, first proposed by Marshall Pease, Robert Shostak and Leslie Lamport in
1982, provides a stylized description of this problem

Past attempts at solving the currency side of the problem include the following research :
Chaum, D., 1984. Blind Signature System, in: Chaum, D. (Ed.), Advances in Cryptology. Springer US, pp. 153–153.
Chaum, D., Fiat, A., Naor, M., 1990. Untraceable Electronic Cash, in: Proceedings of the 8th Annual International
Cryptology Conference on Advances in Cryptology, CRYPTO ’88. Springer-Verlag, London, UK, UK, pp. 319–327.
Okamoto, T., Ohta, K., 1992. Universal Electronic Cash, in: Proceedings of the 11th Annual International
Cryptology Conference on Advances in Cryptology, CRYPTO ’91. Springer-Verlag, London, UK, UK, pp. 324–337.
Wei Dai’s B-Money - Wei Dai, 1998, http://www.weidai.com/bmoney.txt

Bitcoin, however, a system proposed in a white paper released in November 2008, under the pseudonym
Satoshi Nakamoto, is the best solution to this problem that has been proposed to date and has had, by far,
the broadest adoption. October 31 st 2018 marked the 10 year anniversary of Bitcoin’s whitepaper release so
we already 11 years beyond this significant milestone.

Introduction to Digital Currencies

MSc in Digital Currency 14
 What is the BGP?
“We imagine that several divisions of the Byzantine army are
camped outside an enemy city, each division commanded by its
own general. The generals can communicate with one another
only by messenger. After observing the enemy, they must decide
upon a common plan of action. However, some of the generals
may be traitors, trying to prevent the loyal generals from
reaching agreement. The generals must have an algorithm to
guarantee that (A) All loyal generals decide upon the same plan
of action and (B) A small number of traitors cannot cause the
loyal generals to adopt a bad plan”

- The Byzantine Generals’ Problem, 1982

Should we stay or should we go (to battle)?

Image Source: Wikimedia Commons. Text: The Byzantine Generals’ Problem, Lamport, Shostak, Pease, 1982

Introduction to Digital Currencies

MSc in Digital Currency 15
 The BPG: Problem Formulation
*Give attention to this slide. It is important to understand the problem Bitcoin and other
decentralized systems aim to solve

In this case, 1 traitor (either Lieutenant 2 or the Commander in the cases above) could cause the attack to fail

Lieutenant 1 would maybe retreat when he should attack instead.

A traitor prevents the group from reaching consensus. Now think of a traitor, as a malicious party within a ledger
that aims to facilitate fraudulent transactions. The rest of this presentation will show how Satoshi solves this
Image Source: The Byzantine Generals’ Problem, Lamport, Shostak, Pease, 1982 issue.
Image Source: Wikimedia Commons

Introduction to Digital Currencies

MSc in Digital Currency 16
 The Byzantine Generals

As the number of the parties in

the system increase, the
number of channels for
communication (and
opportunities for mistrust)
increase exponentially.

Imagine the complexity of

building consensus in a truly
decentralized system with
thousands or millions of parties
involved.

Image Source: The Byzantine Generals’ Problem, Lamport, Shostak, Pease, 1982

Introduction to Digital Currencies

MSc in Digital Currency 17
3. Bitcoin’s Approach To The Byzantine
Generals’ Problem
 Some Useful Definitions
bitcoin: without capitalization, is used to describe bitcoins as a unit of account

Bitcoin: with capitalization, is used to describe the concept of Bitcoin, or the entire network itself

Bitcoin address: a location that bitcoins have been sent to and reside at. It is a participant’s unique identifier
on the Bitcoin network and it is public

Transaction: A record informing the network of a transfer of bitcoins from one bitcoin address to another.
Think of it as a single line in a text book

Blockchain*: The complete transaction ledger of the Bitcoin network, showing how bitcoins have been
transferred from one address to another over time. The blockchain is a public record of all bitcoin
transactions in chronological order.
*All Bitcoin transactions are stored in blocks (think of them as pages of the text book), which are linked (or
“chained”) together in sequence to form the blockchain (think of it as the whole text book)

Introduction to Digital Currencies

MSc in Digital Currency 19
 The Bitcoin Ledger: The Blockchain
Want to witness and store the Bitcoin Blockchain? The starting point:
A Bitcoin user downloads a piece of software (the Bitcoin “client” software)
This client software will initially download the blockchain, the ledger of all transactions in the history of Bitcoin
Each Bitcoin client stores the complete record of all bitcoin transactions of all time. There is no central record-
keeper, just a set of copies distributed among all the clients

Once the blockchain is on a client computer, the issue of synchronization emerges:

How are the blockchains (ledgers) that are on each client kept in sync with each other?
Or, in other words, how do the blockchains reach “distributed consensus” without a central party holding the
definitive transaction ledger?
Or, in other words, when a client receives conflicting messages about a transaction, which one should it accept
and which one should it ignore? Which one is truthful, which one is a traitor?

By now, you should realize that keeping the blockchain copies in sync is a manifestation of the Byzantine
Generals’ Problem

Have in mind that downloading the Bitcoin client software is not mandatory in order to become a
Bitcoin/cryptocurrency user. It is recommended for users wishing to see how the blockchain network
operates in more detail.

Introduction to Digital Currencies

MSc in Digital Currency 20
 Syncing the Blockchain: Mechanics
1. When a Bitcoin client executes a transaction (sends bitcoins from one address to another), it broadcasts the
transaction to all the users in the system. Within a few seconds, most of the clients in the world receive the
transaction

2. At this point, however, the transaction is considered “unconfirmed” because it suffers from the Byzantine
Generals’ Problem. E.g., what if a dishonest Bitcoin client sent out two transactions moving the same bitcoin to
two different addresses? Which one should the clients accept?

3. The mechanism that Bitcoin uses to confirm transactions and resolve the Byzantine Generals’ Problem is a
process called “mining”

Introduction to Digital Currencies

MSc in Digital Currency 21
 Syncing the Blockchain: Mining?

This Not This

Mining is a largely misleading analogy for what ‘miners’ do.

Think of the miners as bookkeepers and they will make much more sense

Image Source: Wikimedia Commons. Ledger and Coal Strip Mine

Introduction to Digital Currencies

MSc in Digital Currency 22
 Mining & Proof-of-Work
https://www.coindesk.com/information/how-to-set-up-a-
miner/

Mining:
Creation of new bitcoins in each block, almost like a central bank printing new money. Remember though, that the amount of bitcoins to
be created is fixed (21 million)
Creation of trust by ensuring that transactions are confirmed only when enough computational power was devoted to the block t hat
contains them.
If the process seems too complicated do not worry! The system can operate the steps below by itself i.e. no heavy manual work is
required
1st Step

2nd Step

3rd Step
Miners collect and Apply a cryptographic Try to solve the “Proof-
broadcast their hash function of the of-Work” Problem
transactions in a block header of the previous
and verify they are valid block to the new block

Proof-of-Work Problem:
Step 1: Hash of Last Block Header + Block of New Transactions + Random Number (Nonce=32-bit number)
Step 2: Apply Cryptographic Function (SHA-256) to the above data
Step 3: Hash reviewed against a predetermined value(a desired pattern). Less than this value=Prize. Not less=Guess Nonce Again & Repeat
- Winning Block Verified by Nodes as a Block and broadcasted to the network

Introduction to Digital Currencies

MSc in Digital Currency 23
 Mining in 3 steps (again)
1. Compile Some Data To Be The Input To A Calculation

Block of Random No? Guess another

Hash of last block in
New Number random number;
existing blockchain
Transactions (Nonce) Repeat Steps 1-3

Input: Output: A 3. Hash

2. Perform
Data Hash – A matches
Cryptographic
from series of expected
Calculation Yes?
Step 1 characters pattern?
(SHA-256)
Block
solved!
Win Prize!

Introduction to Digital Currencies

MSc in Digital Currency 24
 Mining: Winning a Prize?
Once a miner has a winning block, it broadcasts it to the other clients as a “block” of confirmed transactions.
The client nodes verify that the hash matches the pattern needed and accept the new block, adding it to the
existing blockchain that they all store. Note: Blockchain = a chain of blocks (!)
After that, all miners start working on finding the next block, incorporating the new, larger blockchain as their
starting point in Step 1

The miner is allowed to collect as part of having a winning block:

An allocation of new bitcoins (currently, 12.5 bitcoins per block) that is an increase in the total number of
bitcoins
The transaction fees from all the transactions that were included in the block

Block reward started from 50 bitcoins per block and is halving every 210,000 blocks, approximately every 4
years

In September 2019, the block reward is 12.5 bitcoins. This amount far outweighs the reward from transaction
fees. The next halving will take place in 2020. Block rewards will stop once the network reaches Block
6.930.000 (sometime around the year 2140). The total number of bitcoins issued by then will be about 21
million - https://en.bitcoin.it/wiki/Controlled_supply

Introduction to Digital Currencies

MSc in Digital Currency 25
 Almost 18 million bitcoins (more than 80% of the
Mining: Winning a Prize?
total bitcoin supply) have been issued so far through
block rewards. The rate will keep decreasing until
the final issuance takes place in 2140

Introduction to Digital Currencies

MSc in Digital Currency 26
 Controlled Supply

Introduction to Digital Currencies

MSc in Digital Currency 27
 Mining: Auto-Adjusting Puzzles
This winning of prizes sounds very pleasant. Why hasn’t someone with a big computer mined all the
bitcoins?

Fortunately, the prizes (new blocks) auto-adjust their difficulty (leading zeros) to account for how much
computing power is in the Bitcoin network.
The difficulty of guessing the correct random number (nonce) that produces the desired number of leading 0s
in the block hash, is adjusted every 2016 blocks (approximately two weeks) so that the network produces one
successful block every 10 minutes or so.
While any given block might take less time or more time to create due to luck, if blocks start being produced
too often or not often enough, the prize puzzle gets more difficult or less difficult so that blocks are formed
every ten minutes or so again

This means that, whether the Bitcoin network just has 20 old laptops doing mining or millions of super-
computers mining, blocks will still be created approximately every 10 minutes and anyone’s expected
reward from mining is their % of the total network’s computing (mining) power. And since anyone can
setup a mining node, if it is very profitable to mine because, say, the price of a bitcoin has gone up, more
miners will come into the system (and vice-versa, if it is unprofitable, miners will drop out)

Introduction to Digital Currencies

MSc in Digital Currency 28
 Back to the Byzantine Generals’ Problem
“But, you have not yet solved the BGP, just moved it to the miners. What if two miners send out blocks with
different information(i.e. different transactions within the block)? How do the clients choose which one to
include?”

The answer is that when a client is trying to decide which blockchain version to accept, it must choose the
one that is “longest” (In Bitcoin terms), aka the one that has the “greatest combined difficulty” (of the hashes
used to create it). In other words, the chain that took the most computation power to create will be chosen

The shorter blockchain is discarded (as an “orphan block” and those transactions have to be re-processed if
they were not in the longer blockchain)

Given this, a traitor cannot keep entering bad signals into the blockchain (aka, spend money in one block,
then erase the transaction in the next block) unless he or she can keep producing the longest blockchain (the
one with the most computation associated with it) which, statistically, the traitor can’t do, given the
essentially random nature of block creation (unless he has enough hashing power and can sustain mining the
majority of new blocks). More on this on the next slides.

Introduction to Digital Currencies

MSc in Digital Currency 29
 Back to the Byzantine Generals’ Problem

Random Work
Select The “Longest”
(Guessing of the Nonce) To
(Most Difficult) Chain
Produce A Chain

Solution to the Byzantine Generals’ Problem

Introduction to Digital Currencies

MSc in Digital Currency 30
 Mining: Proof of Work
The random number creation (“proof of work”) is the subject of confusion

They often consider it (a) wasted effort or (b) an indication of poor system design (“why do they need to do
so much work to enter a transaction when my database can just do it instantly?”)

In fact, it is the *key* aspect of providing ledger security, in that it prevents any one party from hijacking the
ledger

One useful mental model is to think of it as a lottery relating to who gets to enter the next transactions in the
system to prevent one person from taking control of the ledger

Introduction to Digital Currencies

MSc in Digital Currency 31
 Mining: 51% Attack
To be more precise, Bitcoin solves the Byzantine Generals’ Problem so long as honest miners consist of at
least 50% of the hashing power in the system
(for theoretical attack scenarios, this research puts this threshold closer to 66.67%)

If one miner controls more than 50% of the hash power, it can always produce a “longer” chain than all the
other miners combined and therefore it can reverse its own past transactions and/or refuse to enter
transactions from others. (It still can’t spend the bitcoins of others, but it can prevent them from being
spent).
This is known as a “51% attack”
In other words, a 51% miner becomes a centralized ledger-keeper like a bank or credit card company,
eliminating the advantages of a decentralized system

So, it is important for the ecosystem of any cryptocurrency that honest miners maintain 50% of the
computational power in the system (alternatively, that no single dishonest miner, or coalition of miners, gains
more than 50% of the computational power in the network).
Fun facts:
• At times, some mining pools (groups of miners) in Bitcoin have gained over 40% of the hashing power in the network,
something that has raised concerns. These major pool members backed off from the 50% mark voluntarily in order to
preserve confidence in the system)
• The largest mining pool currently has more hash rate than Bitcoin’s entire hash rate in November 2017

Introduction to Digital Currencies

MSc in Digital Currency 32
 Implications
The implications of this solution to the Byzantine Generals’ Problem are the basis for the rest of this course so
we are sure that the last few slides have raised a lot of questions

In future sessions, we will discuss:

How you transact with bitcoin in practice
Strengths and weaknesses of Bitcoin specifically and relative to other related technologies
Implications in the area of currency and beyond

For this session however, direct your attention primarily to understanding the underlying mechanics as well
as possible, because it will strengthen your ability to participate in the rest of the course

Introduction to Digital Currencies

MSc in Digital Currency 33
4. Bitcoin: Some Key Metrics
 Bitcoin Metrics: Number of bitcoins in circulation
17,925,888 bitcoins in circulation as of September 9, 2019

Introduction to Digital Currencies

MSc in Digital Currency 35
 Bitcoin Metrics: Market Price

Source: https://blockchain.info/markets

Introduction to Digital Currencies

MSc in Digital Currency 36
 Bitcoin Metrics: Market Capitalization

Total BTC market value = number of

bitcoins issued (x) market price
Introduction to Digital Currencies
MSc in Digital Currency 37
 Bitcoin Metrics: Mining – Network Hash Power
https://www.blockchain.com/en/charts/hash-rate

Think of the total network hash rate as the total computing power
dedicated at the network, by users all around the world.
Introduction to Digital Currencies
MSc in Digital Currency 38
 5. Conclusions
Historically, all ledgers of importance have been centralized. While giving a measure of security, central
record-keepers have weaknesses in the areas of:
Corruption
Inclusion
Technical failures

The Byzantine Generals’ Problem, a matter of study in the area of fault tolerance, describes why
decentralized ledgers have historically been infeasible

Bitcoin has presented the best solution to-date for solving the Byzantine Generals’ Problem and, subject to
certain conditions, has made widespread decentralized asset and transaction ledgers possible

Leading technologists believe that the implications of this technical breakthrough will be far-reaching,
extending far beyond digital currency

Introduction to Digital Currencies

MSc in Digital Currency 39
 Some Further Reading (1/2)
Bitcoin: A Peer-to-Peer Electronic Cash System (Satoshi Nakamoto)
https://bitcoin.org/bitcoin.pdf
How the Byzantine General Sacked the Castle: A Look Into Blockchain
https://medium.com/@DebrajG/how-the-byzantine-general-sacked-the-castle-a-look-into-blockchain-370fe637502c
Bitcoin Mining
https://www.buybitcoinworldwide.com/mining/
The Byzantine Generals’ Problem (Leslie Lamport, Robert Shostak, Marshall Pease)
https://www.andrew.cmu.edu/course/15-749/READINGS/required/resilience/lamport82.pdf
(the first paper that defined the Byzantine Generals ‘ Problem in those terms)
Majority is not Enough: Bitcoin Mining is Vulnerable
https://www.cs.cornell.edu/~ie53/publications/btcProcFC.pdf

Introduction to Digital Currencies

MSc in Digital Currency 40
 Some Further Reading (2/2)
The Economics of Cryptocurrencies – Bitcoin and Beyond
https://www.chapman.edu/research/institutes-and-centers/economic-science-institute/_files/ifree-papers-and-
photos/koeppel-april2017.pdf
Banking Is Only The Beginning: 36 Big Industries Blockchain Could Transform
https://www.cbinsights.com/research/industries-disrupted-
blockchain/?utm_source=CB+Insights+Newsletter&utm_campaign=fa48df10a8-
ThursNL_02_01_2018&utm_medium=email&utm_term=0_9dc0513989-fa48df10a8-90141994
How Bitcoin Mining Works, CoinDesk
https://www.coindesk.com/information/how-bitcoin-mining-works/
Hash Rate all-time high
https://www.newsbtc.com/2019/09/09/bitcoin-stronger-than-ever-as-hash-rate-sets-fresh-all-time-high/
Bitmain Mining
https://www.coindesk.com/bitmain-ramps-up-power-and-efficiency-with-new-bitcoin-mining-machine

Introduction to Digital Currencies

MSc in Digital Currency 41
 Questions?
Contact us:

Twitter: @mscdigital
Course Support: [email protected]
IT & Live Session support: [email protected]