Position: Home page » Blockchain » How can blockchain avoid double spending
How can blockchain avoid double spending
Publish: 2021-04-24 09:17:48
1. blockchain itself solves the problem of large-scale cooperation between strangers, that is, strangers can cooperate with each other without mutual trust. So how to ensure the trust between strangers to achieve mutual consensus mechanism? The centralized system uses trusted third-party endorsements, such as banks. In the eyes of the common people, banks are reliable and trustworthy institutions. The common people can trust banks to solve real disputes. But how does a decentralized blockchain guarantee trust
in fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here, I only introce the basic knowledge of cryptography related to blockchain, including hash algorithm, encryption algorithm, information digest and digital signature, zero knowledge proof, quantum cryptography, etc. Through this lesson, you can learn how to ensure the confidentiality, integrity, authentication and non repudiation of the blockchain using cryptography technology
basic course lesson 7 basic knowledge of blockchain security
1. Hash algorithm (hash algorithm)
hash function (hash), also known as hash function. Hash function: hash (original information) = summary information. Hash function can map any length of binary plaintext string to a shorter (generally fixed length) binary string (hash value)
a good hash algorithm has the following four characteristics:
1. One to one correspondence: the same plaintext input and hash algorithm can always get the same summary information output
2. Input sensitivity: even if the plaintext input changes slightly, the newly generated summary information will change greatly, which is greatly different from the original output
3. Easy to verify: plaintext input and hash algorithm are public, anyone can calculate by themselves, and whether the output hash value is correct
4. Irreversibility: if there is only the output hash value, the hash algorithm can never dece the plaintext
5. Conflict avoidance: it is difficult to find two plaintexts with different contents, but their hash values are the same (collision)
for example:
hash (Zhang San lent Li Si 100000 yuan for 6 months) = 123456789012
such a record as 123456789012 is recorded in the account book
it can be seen that hash function has four functions:
simplify information
it is easy to understand, and the information after hashing becomes shorter
identification information
you can use 123456789012 to identify the original information, and summary information is also called the ID of the original information
hidden information
the account book is a record like 123456789012, and the original information is hidden
verification information
if Li Si cheated that Zhang San only lent Li Si 50000 when repaying, both parties can verify the original information with the hash value of 123456789012 recorded before
hash (Zhang San lent Li Si 50000 for 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, Then the information can't be tampered
common hash algorithms include MD4, MD5 and Sha series algorithms, and Sha series algorithms are basically used in mainstream fields. Sha (secure hash algorithm) is not an algorithm, but a group of hash algorithms. At first, it was SHA-1 series, and now the mainstream applications are sha-224, SHA-256, sha-384 and sha-512 algorithms (commonly known as SHA-2). Recently, Sha-3 related algorithms have been proposed, such as keccak-256 used by Ethereum
MD5 is a very classic hash algorithm, but unfortunately, both it and SHA-1 algorithm have been cracked. It is considered by the instry that its security is not enough to be used in business scenarios. Generally, sha2-256 or more secure algorithm is recommended
hash algorithm is widely used in blockchain. For example, in blocks, the latter block will contain the hash value of the previous block, and the content of the later block + the hash value of the previous block will jointly calculate the hash value of the later block, which ensures the continuity and non tamperability of the chain< Encryption and decryption algorithm is the core technology of cryptography, which can be divided into two basic types: symmetric encryption algorithm and asymmetric encryption algorithm. According to whether the key used in the encryption and decryption process is the same or not, the two modes are suitable for different needs, just forming a complementary relationship, and sometimes can be combined to form a hybrid encryption mechanism
symmetric cryptography (also known as common key cryptography) has the advantages of high computational efficiency and high encryption strength; Its disadvantage is that it needs to share the key in advance, which is easy to leak and lose the key. The common algorithms are des, 3DES, AES and so on
asymmetric cryptography (also known as public key cryptography) is different from the encryption and decryption key, and its advantage is that it does not need to share the key in advance; Its disadvantage is that it has low computational efficiency and can only encrypt short content. Common algorithms include RSA, SM2, ElGamal and elliptic curve series. Symmetric encryption algorithm is suitable for the encryption and decryption process of a large number of data; It can't be used in signature scenario: and it often needs to distribute the key in advance. Asymmetric encryption algorithm is generally suitable for signature scenario or key agreement, but it is not suitable for large amount of data encryption and decryption< Third, information digest and digital signature
as the name suggests, information digest is to hash the information content to obtain a unique digest value to replace the original and complete information content. Information digest is the most important use of hash algorithm. Using the anti-collision feature of hash function, information digest can solve the problem that the content has not been tampered
digital signature is similar to signing on paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and confirm the source (or non repudiation)
we have two requirements for digital signature to make it consistent with our expectation for handwritten signature. First, only you can make your own signature, but anyone who sees it can verify its validity; Second, we want the signature to be only related to a specific file and not support other files. These can be achieved by our asymmetric encryption algorithm above
in practice, we usually sign the hash value of information instead of the information itself, which is determined by the efficiency of asymmetric encryption algorithm. Corresponding to the blockchain, it is to sign the hash pointer. In this way, the front is the whole structure, not just the hash pointer itself< Zero knowledge proof means that the verifier can make the verifier believe that a certain conclusion is correct without providing any additional information to the verifier
zero knowledge proof generally meets three conditions:
1. Completeness: authentic proof can make the verifier successfully verify
2. Soundness: false proof can not make the verifier pass the verification
3. Zero knowledge: if you get proof, you can't get any information other than the proof information from the proof process< With more and more attention paid to the research of quantum computing and quantum communication, quantum cryptography will have a huge impact on the information security of cryptography in the future
the core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. Theoretically, a large amount of information can be expressed by a small number of qubits and processed at the same time, which greatly improves the computing speed
in this way, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing
as we all know, quantum computing is still in the theoretical stage, which is far from large-scale commercial use. However, the new generation of encryption algorithms should consider the possibility of this situation.
in fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here, I only introce the basic knowledge of cryptography related to blockchain, including hash algorithm, encryption algorithm, information digest and digital signature, zero knowledge proof, quantum cryptography, etc. Through this lesson, you can learn how to ensure the confidentiality, integrity, authentication and non repudiation of the blockchain using cryptography technology
basic course lesson 7 basic knowledge of blockchain security
1. Hash algorithm (hash algorithm)
hash function (hash), also known as hash function. Hash function: hash (original information) = summary information. Hash function can map any length of binary plaintext string to a shorter (generally fixed length) binary string (hash value)
a good hash algorithm has the following four characteristics:
1. One to one correspondence: the same plaintext input and hash algorithm can always get the same summary information output
2. Input sensitivity: even if the plaintext input changes slightly, the newly generated summary information will change greatly, which is greatly different from the original output
3. Easy to verify: plaintext input and hash algorithm are public, anyone can calculate by themselves, and whether the output hash value is correct
4. Irreversibility: if there is only the output hash value, the hash algorithm can never dece the plaintext
5. Conflict avoidance: it is difficult to find two plaintexts with different contents, but their hash values are the same (collision)
for example:
hash (Zhang San lent Li Si 100000 yuan for 6 months) = 123456789012
such a record as 123456789012 is recorded in the account book
it can be seen that hash function has four functions:
simplify information
it is easy to understand, and the information after hashing becomes shorter
identification information
you can use 123456789012 to identify the original information, and summary information is also called the ID of the original information
hidden information
the account book is a record like 123456789012, and the original information is hidden
verification information
if Li Si cheated that Zhang San only lent Li Si 50000 when repaying, both parties can verify the original information with the hash value of 123456789012 recorded before
hash (Zhang San lent Li Si 50000 for 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, Then the information can't be tampered
common hash algorithms include MD4, MD5 and Sha series algorithms, and Sha series algorithms are basically used in mainstream fields. Sha (secure hash algorithm) is not an algorithm, but a group of hash algorithms. At first, it was SHA-1 series, and now the mainstream applications are sha-224, SHA-256, sha-384 and sha-512 algorithms (commonly known as SHA-2). Recently, Sha-3 related algorithms have been proposed, such as keccak-256 used by Ethereum
MD5 is a very classic hash algorithm, but unfortunately, both it and SHA-1 algorithm have been cracked. It is considered by the instry that its security is not enough to be used in business scenarios. Generally, sha2-256 or more secure algorithm is recommended
hash algorithm is widely used in blockchain. For example, in blocks, the latter block will contain the hash value of the previous block, and the content of the later block + the hash value of the previous block will jointly calculate the hash value of the later block, which ensures the continuity and non tamperability of the chain< Encryption and decryption algorithm is the core technology of cryptography, which can be divided into two basic types: symmetric encryption algorithm and asymmetric encryption algorithm. According to whether the key used in the encryption and decryption process is the same or not, the two modes are suitable for different needs, just forming a complementary relationship, and sometimes can be combined to form a hybrid encryption mechanism
symmetric cryptography (also known as common key cryptography) has the advantages of high computational efficiency and high encryption strength; Its disadvantage is that it needs to share the key in advance, which is easy to leak and lose the key. The common algorithms are des, 3DES, AES and so on
asymmetric cryptography (also known as public key cryptography) is different from the encryption and decryption key, and its advantage is that it does not need to share the key in advance; Its disadvantage is that it has low computational efficiency and can only encrypt short content. Common algorithms include RSA, SM2, ElGamal and elliptic curve series. Symmetric encryption algorithm is suitable for the encryption and decryption process of a large number of data; It can't be used in signature scenario: and it often needs to distribute the key in advance. Asymmetric encryption algorithm is generally suitable for signature scenario or key agreement, but it is not suitable for large amount of data encryption and decryption< Third, information digest and digital signature
as the name suggests, information digest is to hash the information content to obtain a unique digest value to replace the original and complete information content. Information digest is the most important use of hash algorithm. Using the anti-collision feature of hash function, information digest can solve the problem that the content has not been tampered
digital signature is similar to signing on paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and confirm the source (or non repudiation)
we have two requirements for digital signature to make it consistent with our expectation for handwritten signature. First, only you can make your own signature, but anyone who sees it can verify its validity; Second, we want the signature to be only related to a specific file and not support other files. These can be achieved by our asymmetric encryption algorithm above
in practice, we usually sign the hash value of information instead of the information itself, which is determined by the efficiency of asymmetric encryption algorithm. Corresponding to the blockchain, it is to sign the hash pointer. In this way, the front is the whole structure, not just the hash pointer itself< Zero knowledge proof means that the verifier can make the verifier believe that a certain conclusion is correct without providing any additional information to the verifier
zero knowledge proof generally meets three conditions:
1. Completeness: authentic proof can make the verifier successfully verify
2. Soundness: false proof can not make the verifier pass the verification
3. Zero knowledge: if you get proof, you can't get any information other than the proof information from the proof process< With more and more attention paid to the research of quantum computing and quantum communication, quantum cryptography will have a huge impact on the information security of cryptography in the future
the core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. Theoretically, a large amount of information can be expressed by a small number of qubits and processed at the same time, which greatly improves the computing speed
in this way, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing
as we all know, quantum computing is still in the theoretical stage, which is far from large-scale commercial use. However, the new generation of encryption algorithms should consider the possibility of this situation.
2. In the process of learning blockchain, you will hear the word "double flower", which means double payment, or more directly, a sum of money has been spent twice. In this article, we will briefly analyze why there are double flowers and how bitcoin can avoid double flowers
in the traditional transaction, there is no double spending problem because there is a centralized institution such as a bank: every payment will be dected from your bank account, and all details will be recorded in the bank. But in bitcoin, because there is no concept of account, utxo is introced, that is, no transaction output is spent. Because there is no guarantee from centralized institutions such as banks, when a transaction occurs, there may be a risk of double spending: for example, a has a bitcoin, and then he constructs two transactions T1 and T2 at the same time to spend the bitcoin, one of which is given to B, to buy a suit from B, one is given to C, and to buy a pair of shoes from C. If we do not introce some mechanism to avoid this situation, bitcoin, as a digital currency, will not have any meaning of existence. Next, let's analyze how bitcoin can prevent this "double flower" attack
(1) normal situation
first of all, let's look at the normal situation. To put it bluntly, most of the time, the consensus mechanism of blockchain can nip Shuanghua in the bud. Let's illustrate with the above examples:
suppose that a constructs two transactions T1 and T2, and transfers its own value of 1btc utxo to B and C respectively, in an attempt to obtain benefits from B and C at the same time. Then a broadcasts the two constructed transactions to the network almost at the same time
suppose that the miner node in the network receives the transaction T1 first, and finds that the source of funds for the transaction has not been spent, so it adds T1 to its own memory transaction pool and waits to be packaged into the block
in most cases, the miner node will receive transaction T2 soon. At this time, the miner node will refuse to process the transaction because the transaction input that T2 points to is the same as T1 that has been added to the transaction pool. Other miner nodes in the network are similar, so a's attempt to double flower is stillborn
(2) bifurcation
the above is normal, but there are also abnormal cases to consider: suppose that the miner nodes M1 and M2 dig out the block almost at the same time, and unfortunately M1 only receives transaction T1 when digging in the block, while M2 only receives transaction T2 when digging in the block, so transaction T1 and T2 are packed into two blocks respectively. Because these two blocks were g out at about the same time, resulting in the bifurcation of the blockchain:
some nodes in the network (which may be close to M1) received the block blk1 packed by M1 first, so they used the block to extend their own blockchain, while other nodes (which are close to M2) received the block blk2 packed by M2 first, and used the block to extend their own blockchain, So the whole blockchain network
in the traditional transaction, there is no double spending problem because there is a centralized institution such as a bank: every payment will be dected from your bank account, and all details will be recorded in the bank. But in bitcoin, because there is no concept of account, utxo is introced, that is, no transaction output is spent. Because there is no guarantee from centralized institutions such as banks, when a transaction occurs, there may be a risk of double spending: for example, a has a bitcoin, and then he constructs two transactions T1 and T2 at the same time to spend the bitcoin, one of which is given to B, to buy a suit from B, one is given to C, and to buy a pair of shoes from C. If we do not introce some mechanism to avoid this situation, bitcoin, as a digital currency, will not have any meaning of existence. Next, let's analyze how bitcoin can prevent this "double flower" attack
(1) normal situation
first of all, let's look at the normal situation. To put it bluntly, most of the time, the consensus mechanism of blockchain can nip Shuanghua in the bud. Let's illustrate with the above examples:
suppose that a constructs two transactions T1 and T2, and transfers its own value of 1btc utxo to B and C respectively, in an attempt to obtain benefits from B and C at the same time. Then a broadcasts the two constructed transactions to the network almost at the same time
suppose that the miner node in the network receives the transaction T1 first, and finds that the source of funds for the transaction has not been spent, so it adds T1 to its own memory transaction pool and waits to be packaged into the block
in most cases, the miner node will receive transaction T2 soon. At this time, the miner node will refuse to process the transaction because the transaction input that T2 points to is the same as T1 that has been added to the transaction pool. Other miner nodes in the network are similar, so a's attempt to double flower is stillborn
(2) bifurcation
the above is normal, but there are also abnormal cases to consider: suppose that the miner nodes M1 and M2 dig out the block almost at the same time, and unfortunately M1 only receives transaction T1 when digging in the block, while M2 only receives transaction T2 when digging in the block, so transaction T1 and T2 are packed into two blocks respectively. Because these two blocks were g out at about the same time, resulting in the bifurcation of the blockchain:
some nodes in the network (which may be close to M1) received the block blk1 packed by M1 first, so they used the block to extend their own blockchain, while other nodes (which are close to M2) received the block blk2 packed by M2 first, and used the block to extend their own blockchain, So the whole blockchain network
3. Because it comes from money. Virtual money is bought with real money. So it's also called coin there.
4. QQ currency is a virtual currency issued by Tencent. The official issue price of Tencent is: 1q currency = 1 yuan. However, if the amount of recharge is large, there will be different discounts in different recharge platforms
if you want to exchange Q currency for RMB, it's a bit complicated. Because Tencent does not support q-coin exchange at present, it is now doing q-coin recovery and exchange on some third-party platforms. Therefore, there will be a certain discount. Therefore, in the recovery of Q currency, 1q currency can not be converted into 1 yuan RMB.
if you want to exchange Q currency for RMB, it's a bit complicated. Because Tencent does not support q-coin exchange at present, it is now doing q-coin recovery and exchange on some third-party platforms. Therefore, there will be a certain discount. Therefore, in the recovery of Q currency, 1q currency can not be converted into 1 yuan RMB.
5. The distributed architecture and tamper proof features of blockchain technology help to solve the problems of bill authenticity and information opacity. When participants need to check whether the bill has been tampered or transferred, blockchain can provide indisputable proof of consistency
digital currency also makes use of this feature of blockchain. Puyin is a kind of tea standard digital currency developed based on blockchain technology.
digital currency also makes use of this feature of blockchain. Puyin is a kind of tea standard digital currency developed based on blockchain technology.
6. Bitcoin is proced by the source P2P software, such as cryptocurrency or electronic currency. Generally speaking, it uses the computing power of mining equipment to calculate the number of difficult problems. Network confirms the transaction. Bitcoin network rewards bitcoin according to solving the number of difficult problems. There is no exchange rate of bitcoin. It is said that the exchange rate of bitcoin is universal all over the world. Bitcoin mining node software is based on P2P network, digital signature, digital signature The password evidence initiates the verification transaction node to broadcast the transaction to the network. Some broadcast transactions are verified by the miner. The miner expresses the confirmation transaction with the self working proof knot. The packaged data block data block is a continuous data block chain. Each bitcoin node collects the unconfirmed transaction and gathers it into the data block. The data block in front of the data block gathers the miner node to add the random adjustment number and calculates the front data block SHA-256 Hash operation value mining node repeatedly tries to find the random adjustment number directly, so that the hash value is lower than a specific target. Because it is not difficult to find the qualified random adjustment number inversely by hash operation, it is necessary to estimate the total number of broken trial and error process workload. The proof mechanism plays a role. The node finds the problem, broadcasts the new solution to the whole network, receives the new solution data block, and checks whether it meets the specification The hash value is calculated to find that the data block really meets the requirements, and its nodes accept the data block and attach it
7. First, the POS + pod hybrid consensus mechanism of the exclusive game community greatly improves the efficiency and consistency of the public chain network
Second, community autonomy. All decisions are made by community members. Under the hybrid consensus mechanism, both POS krypton players and pod technology players have higher yield and discourse power, which effectively avoids the impact of centralized computing power and financial resources on the whole game ecology, and thus reces the risk of bifurcation. If a node wants to propose a bifurcation for a certain protocol or standard, all nodes need to participate in the voting. If the pod + POS weighted value of the voting result exceeds 50%, the system defaults to the chain with high weighted value as the effective chain, and all nodes will migrate to the new chain mining at the time agreed in the voting result
thirdly, because game players have requirements for the performance and bandwidth of hardware devices, vs public chain sets the node players involved in accounting into two categories: full node and light node. Players can manually switch between full node and light node. Generally, light node mode is adopted in the process of the game to provide more hardware support for the game, and full node mode is started after the end of the game and ring the hang up period
fourthly, all the transaction rights in the game come from the players. Only after the players are authorized by the exclusive secret key, the game assets can be circulated. At the same time, all transaction data are encrypted by ECC (elliptic encryption algorithm), which is a modern cryptography technology, to ensure the information security of blockchain
fifthly, as a vertical public chain in the game field, vs will first complete the overall solution of decentralized game proction, virtual asset distribution and token economy operation. It includes game engine, developer environment, standard SDK, etc., which reces the difficulty and threshold for game developers to enter blockchain game development from various environments, greatly reces the workload and cost of game development team, and also makes vs public chain highly scalable.
Second, community autonomy. All decisions are made by community members. Under the hybrid consensus mechanism, both POS krypton players and pod technology players have higher yield and discourse power, which effectively avoids the impact of centralized computing power and financial resources on the whole game ecology, and thus reces the risk of bifurcation. If a node wants to propose a bifurcation for a certain protocol or standard, all nodes need to participate in the voting. If the pod + POS weighted value of the voting result exceeds 50%, the system defaults to the chain with high weighted value as the effective chain, and all nodes will migrate to the new chain mining at the time agreed in the voting result
thirdly, because game players have requirements for the performance and bandwidth of hardware devices, vs public chain sets the node players involved in accounting into two categories: full node and light node. Players can manually switch between full node and light node. Generally, light node mode is adopted in the process of the game to provide more hardware support for the game, and full node mode is started after the end of the game and ring the hang up period
fourthly, all the transaction rights in the game come from the players. Only after the players are authorized by the exclusive secret key, the game assets can be circulated. At the same time, all transaction data are encrypted by ECC (elliptic encryption algorithm), which is a modern cryptography technology, to ensure the information security of blockchain
fifthly, as a vertical public chain in the game field, vs will first complete the overall solution of decentralized game proction, virtual asset distribution and token economy operation. It includes game engine, developer environment, standard SDK, etc., which reces the difficulty and threshold for game developers to enter blockchain game development from various environments, greatly reces the workload and cost of game development team, and also makes vs public chain highly scalable.
8. "Impossible Triangle of blockchain" means that in a distributed computer system, consistency, availability and partition fault tolerance cannot be guaranteed to be satisfied at the same time, and at most two of them can be satisfied at the same time; System designers need to make choices according to different needs
in the current HNB application scenario and economic model, efficiency should be considered first, and it needs to support larger concurrent transactions and high performance. At the same time, as a system around payment as the core, in the premise of ensuring low delay, we need to avoid double spending problem, so safe and reliable is also crucial. Based on the above analysis, HNB proposes a dpos + algorand algorithm, which elects the consensus group through dpos, and then algorand generates the blockchain
the main advantages of the consensus algorithm based on this combination are as follows: first, the nodes selected by the dpos of identity attribute fully consider the distribution of interests and fairness, and avoid the evil situation of a single group. 2、 In addition, dpos is more stable and relatively high-performance than algorand, which is used to select ordinary users randomly. 3、 Bookkeepers are completely random and secretive, and can't generate specific attacks on them. 4、 On the premise of ensuring the security, we don't do meaningless calculation and save computing resources. 5、 The probability of single bookkeeper bifurcating is close to 0, and the fault tolerance rate is high
in this way, the "Impossible Triangle of blockchain" can also be effectively solved, creating a fully guaranteed community environment for HNB users.
in the current HNB application scenario and economic model, efficiency should be considered first, and it needs to support larger concurrent transactions and high performance. At the same time, as a system around payment as the core, in the premise of ensuring low delay, we need to avoid double spending problem, so safe and reliable is also crucial. Based on the above analysis, HNB proposes a dpos + algorand algorithm, which elects the consensus group through dpos, and then algorand generates the blockchain
the main advantages of the consensus algorithm based on this combination are as follows: first, the nodes selected by the dpos of identity attribute fully consider the distribution of interests and fairness, and avoid the evil situation of a single group. 2、 In addition, dpos is more stable and relatively high-performance than algorand, which is used to select ordinary users randomly. 3、 Bookkeepers are completely random and secretive, and can't generate specific attacks on them. 4、 On the premise of ensuring the security, we don't do meaningless calculation and save computing resources. 5、 The probability of single bookkeeper bifurcating is close to 0, and the fault tolerance rate is high
in this way, the "Impossible Triangle of blockchain" can also be effectively solved, creating a fully guaranteed community environment for HNB users.
Hot content