This article distills key insights from the public course "Blockchain Technology and Application" by Professor Xiao Zhen of Peking University. It covers foundational concepts in Bitcoin, Ethereum, and provides an introduction to smart contracts and NFTs. The goal is to provide a clear, structured overview of how these technologies work.
Cryptography Foundations
Blockchain relies heavily on cryptography to secure transactions and data.
Cryptographic Hashing
A cryptographic hash function maps data of arbitrary size to a fixed-size output (e.g., 256 bits for SHA-256). Effective hash functions must possess three key properties:
- Collision Resistance: It should be computationally infeasible to find two different inputs that produce the same hash output.
- Hiding: The input data should be concealed by the hash output. It should be impossible to reverse-engineer the input or discern any pattern from the output.
- Puzzle Friendly: This property is crucial for Proof-of-Work (PoW) mining. It means there is no shortcut to finding an input that results in a hash below a specific target value; the only viable method is brute-force computation.
Asymmetric Cryptography
Also known as public-key cryptography, this uses a pair of keys:
- A private key for creating digital signatures.
- A public key for verifying those signatures.
In a transaction, the sender signs it with their private key, and anyone on the network can verify the signature's authenticity using the sender's public key.
Private Keys and Addresses
A cryptocurrency address is derived from a public key. The process begins with a randomly generated private key. Using elliptic curve multiplication, a public key is generated from this private key.
However, for privacy and security, the public key is not used directly as the address. Instead, it undergoes a transformation, typically hashing with SHA-256 followed by RIPEMD-160. This result is then encoded (e.g., using Base58Check in Bitcoin) to produce the final address. While the public key can be used to derive the address, the reverse is computationally impossible.
Core Data Structures
The Hash Pointer
A hash pointer is a fundamental building block. It not only points to where a piece of data is stored but also contains a cryptographic hash of that data. This allows anyone to verify that the data has not been tampered with.
The Blockchain
A blockchain is essentially a linked list of blocks, where each block contains a hash pointer to the previous one.
Block Structure
A block is composed of a header and a list of transactions.
Block Header (80 bytes):
- Version: Tracks software/protocol upgrades.
- Previous Block Hash: The hash of the header of the previous block in the chain. This creates the immutable link.
- Merkle Root: A hash that summarizes all the transactions in the block.
- Timestamp: The approximate creation time of the block.
- Difficulty Target: The PoW difficulty required for this block.
- Nonce: A counter adjusted by miners to find a valid block hash.
The block header is small (80 bytes), while the block itself, containing all transactions, can be hundreds or thousands of times larger. The hash of the current block's header is what miners need to compute to meet the difficulty target.
Merkle Trees
Transactions within a block are organized into a Merkle tree, a binary tree structure where:
- Leaf nodes contain the hashes of transaction data.
- Non-leaf nodes contain the hash of their children's hashes.
The root of this tree (the Merkle Root) is stored in the block header. This allows for efficient and secure verification of whether a specific transaction is included in a block, a process known as a Merkle proof. Lightweight clients (nodes that only store block headers) can use these proofs to verify transactions without downloading the entire blockchain.
Consensus Mechanism: Proof-of-Work
Bitcoin uses a Nakamoto Consensus model based on Proof-of-Work (PoW). Miners compete to solve a computationally difficult puzzle (finding a valid block hash). The first miner to succeed broadcasts their block to the network, earning the right to add it to the blockchain and receiving a block reward (newly minted bitcoin plus transaction fees).
If two miners find valid blocks simultaneously, a temporary fork occurs. Nodes will build upon the first valid block they receive. Eventually, one chain will become longer as more blocks are added to it, and the network will converge on this "longest valid chain," discarding the other. The mining reward started at 50 BTC and halves approximately every four years (every 210,000 blocks). ๐ Explore more strategies for understanding consensus
Transactions and Scripting
Bitcoin uses a transaction-based ledger (UTXO model) rather than an account-based model. There are no explicit account balances stored on the blockchain. Instead, the network tracks Unspent Transaction Outputs (UTXOs). To spend bitcoin, a user must reference previous UTXOs as inputs in a new transaction and provide a cryptographic signature to prove ownership.
Transactions include scripts (ScriptSig in inputs, ScriptPubKey in outputs) that define the conditions for spending the bitcoin. Common transaction types include:
- P2PKH (Pay-to-Public-Key-Hash): The most common type, sending funds to a Bitcoin address.
- P2SH (Pay-to-Script-Hash): Allows sending to the hash of a more complex script, increasing flexibility.
Mining and Difficulty
Mining is the process of hashing the block header with different Nonce values until the resulting hash is below the network's target difficulty. This is "difficult to solve but easy to verify."
The network automatically adjusts the difficulty every 2016 blocks (approximately two weeks) to maintain a target average block time of 10 minutes. The adjustment formula is:New Difficulty = Old Difficulty * (2016 blocks * 10 minutes / Time Taken for Last 2016 Blocks). The adjustment is capped at a factor of 4 to prevent extreme volatility.
Mining Pools
Individual miners often join mining pools to combine their computational power and share rewards more steadily. The pool manager assigns work to miners, who search for partial solutions ("almost valid blocks"). These partial solutions prove the miner's contributed work, and rewards are distributed accordingly. The manager constructs the full block, ensuring the reward address is correct, preventing miners from stealing the block reward.
Forks: State, Hard, and Soft
- State Fork: A temporary divergence in the blockchain, often caused by two miners finding blocks simultaneously.
Protocol Fork: A permanent divergence caused by changes to the blockchain's protocol rules.
- Hard Fork: A non-backward-compatible upgrade. Nodes that do not upgrade will reject blocks from upgraded nodes, leading to a permanent split and the creation of a new cryptocurrency (e.g., BTC/BCH split).
- Soft Fork: A backward-compatible upgrade. Non-upgraded nodes still accept blocks from upgraded nodes, but upgraded nodes will reject blocks that violate the new rules. The network continues as one chain, with upgraded miners enforcing the new rules.
Ethereum's Account Model
Unlike Bitcoin's UTXO model, Ethereum uses an account-based model. It maintains a global state of accounts and their balances. There are two types of accounts:
- Externally Owned Accounts (EOAs): Controlled by private keys. They can send transactions (transfer ETH or trigger contracts).
- Contract Accounts: Controlled by their code. They have associated storage and can execute code when triggered by a transaction.
To prevent replay attacks (reusing a signed transaction on a forked chain), each account has a nonce that increments with every transaction.
Ethereum's Data Structures
Ethereum uses a Modified Merkle Patricia Trie (MPT) for its core state:
- State Trie: Holds the current state of all accounts (balance, nonce, code hash, storage root).
- Transaction Trie: Contains all transactions in a block.
- Receipt Trie: Contains receipts for each transaction, which include logs and other post-execution data.
A new state root is calculated for every block. Instead of modifying the tree in place, a new version is created, and unchanged nodes are shared between versions. This makes state reverts efficient, which is crucial for handling orphaned blocks.
Ethereum's Consensus: GHOST Protocol
Ethereum's block time is much faster than Bitcoin's (~13 seconds), leading to more frequent forks. The GHOST (Greedy Heaviest Observed Subtree) protocol incentivizes miners to include references to "uncle blocks" (stale blocks from recent forks) in the new chain. This secures the network faster and rewards miners for securing stale blocks, reducing centralization pressure.
Smart Contracts
Smart contracts are self-executing programs stored on the Ethereum blockchain. They are typically written in Solidity and compiled to bytecode run on the Ethereum Virtual Machine (EVM).
Gas and Execution
To prevent infinite loops and resource exhaustion, every computation step in a contract costs gas. Users must set a gas limit and gas price for their transactions. If a transaction runs out of gas, it fails, and all state changes are reverted, but the gas fee is still paid to the miner.
Key Considerations for Developers
- Immutability: Code deployed to the mainnet is permanent and cannot be changed. Extensive testing on testnets is critical.
- Visibility: Contract code is public, making it a target for hackers searching for vulnerabilities.
- Re-entrancy: A common attack vector where a malicious contract recursively calls back into a vulnerable function before the first invocation finishes its state updates.
Tokens and NFTs on Ethereum
Ethereum's programmability makes it easy to create new digital assets.
ERC-20 Tokens
The ERC-20 standard defines a common interface for fungible tokens (like stablecoins or utility tokens). A smart contract simply maintains a mapping of addresses to token balances and implements standard functions like transfer() and balanceOf().
NFTs (ERC-721 & ERC-1155)
Non-Fungible Tokens (NFTs) represent unique assets. The two main standards are:
- ERC-721: Each token is unique and has its own ID. The contract tracks ownership of each individual token ID.
- ERC-1155: A more efficient multi-token standard. A single contract can manage multiple types of tokens (both fungible and non-fungible). It uses a mapping of
(owner, token ID)to balance.
NFT metadata (name, image, attributes) is typically stored off-chain in a JSON file, often on decentralized storage like IPFS. The contract's uri() function provides a link to this metadata.
Frequently Asked Questions
What happens if I lose my private key?
There is no recovery mechanism. The decentralized nature of blockchain means you are solely responsible for your keys. It is essential to securely back up your seed phrase (mnemonic recovery words) on paper or on metal, not just as a digital screenshot.
What should I do if my private key is compromised?
Immediately create a new, secure wallet address and transfer all your funds to it. The attacker and you are in a race to move the funds once the key is known.
As a smart contract user, what can I do if a contract I use gets hacked?
In some specific cases, like a re-entrancy attack, it might be possible for a white-hat hacker (or the original developer) to use the same exploit to drain the remaining funds to a safe address before the black-hat hacker does. However, this is highly situational and not always possible.
Is it safe to split a private key for shared custody?
No, splitting a private key (e.g., into halves) dramatically reduces security. The correct method for shared control is to use a multi-signature (multisig) wallet, which requires multiple separate private keys to authorize a transaction.
How does Ethereum's move to Proof-of-Stake (PoS) work?
Ethereum has transitioned to a PoS consensus mechanism (The Merge). Validators, instead of miners, are now responsible for creating blocks. They must stake ETH as collateral. If they act maliciously or fail to validate, their staked ETH can be "slashed" (destroyed). This is more energy-efficient than PoW. ๐ View real-time tools for staking information