Module 2
How Bitcoin Achieves Decentralization
How Bitcoin Achieves Decentralization
• Today we will discuss decentralization in Bitcoin.
• In the first module we looked at the crypto basics that underlie Bitcoin and
  we ended with a simple currency that we called ScroogeCoin.
• ScroogeCoin achieves a lot of what we want in a ledger‐based
  cryptocurrency, but it has one glaring problem — it relies upon the
  centralized authority called Scrooge.
• We ended with the question of how to decentralize, or de‐Scrooge‐ify, this
  currency, and answering that question will be the focus of this session.
Centralization Problem
• If Scrooge just gets bored of the whole ScroogeCoin scheme and stops doing the
  things that he is supposed to do, then the system won't operate anymore.
• Problem is Centralization: although Scrooge is happy with the system, the users
  of it might not be. In order to improve on ScroogeCoin is necessary to
  decentralize the system.
• Need to figure out how to provide the same services of Scrooge, but in a
  decentralized way, in which no particular party is the only trusted one. We need
  to figure out:
   • How everyone can agree upon a single published blockchain, on which transactions are
     valid and which transactions actually occurred
   • How we can assign IDs to things in a decentralized way
Centralization vs. decentralization
    Centralization vs. decentralization
• Competing paradigms that underlie many digital technologies
• Centralized: Online Social Networking Services (Facebook, Google)
• Decentralized: Internet, Email service and the SMTP protocol
• Decentralization is not all-or-nothing: For example, E-mail. Email has a
  decentralized protocol (e.g., SMTP), but dominated by centralized
  webmail services
• Similarly, while the Bitcoin protocol is decentralized, services like Bitcoin
  exchanges, where you can convert Bitcoin into other currencies, and wallet
  software, or software that allows people to manage their bitcoins may be
  centralized or decentralized to varying degrees.
Aspects of decentralization in Bitcoin
    1.   Who maintains the ledger?
    2.   Who has authority over which transactions are valid?
    3.   Who creates new bitcoins?
    4.   Who determines how the rules of the system change?
    5.   How do bitcoins acquire exchange value?
•   Beyond the protocol: Bitcoin Exchanges, Wallet software, Service
    providers...
•   Even if the underlying protocol is decentralized, these services, developed
    on top of it, may be centralized or decentralized.
Aspects of decentralization in Bitcoin
• The peer‐to‐peer network is close to purely decentralized since anybody can run a
  Bitcoin node and there’s a fairly low barrier to entry. You can go online and easily
  download a Bitcoin client and run a node on your laptop or your PC. Currently there
  are several thousand such nodes.
• Bitcoin mining is technically also open to anyone, but it requires a very high capital
  cost. Because of this there has been a high degree of centralization, or a
  concentration of power, in the Bitcoin mining ecosystem. Many in the Bitcoin
  community see this as quite undesirable.
• A third aspect is updates to the software that Bitcoin nodes run, and this has a
  bearing on how and when the rules of the system change. One can imagine that
  there are numerous interoperable implementations of the protocol, as with email.
  But in practice, most nodes run the reference implementation, and its developers
  are trusted by the community and have a lot of power.
                              Distributed consensus
We’ve discussed, in a generic manner, centralization and decentralization. Let’s now examine
decentralization in Bitcoin at a more technical level.
A key term that will come up throughout this discussion is consensus , and specifically,
distributed consensus . The key technical problem to solve in building a distributed
e‐cash system is achieving distributed consensus. Intuitively, you can think of our goal as
decentralizing ScroogeCoin.
Reliability in distributed systems
• Imagine the backend systems for companies like Google or Facebook.
• These companies have thousands, or even millions of servers, which form a
  massive distributive database.
• This database records all the actions on the system, such as users' comments,
  likes, posts and so on.
• When a new information comes in, the server needs to make sure that that
  comment either gets recorded in all copies of the database, or none of them.
• If the action gets recorded in none of the databases, it's okay: it's enough to
  notify the problem to the user.
• If some of the copies of the database saved it and others didn't, then there will
  be a lot of troubles: the database will be inconsistent.
• Key problem motivated the traditional research on distributed consensus.
Bitcoin’s key challenge
• Key technical challenge of decentralized e-cash:
  distributed consensus
• or: how to decentralize ScroogeCoin
Definition - Distributed Consensus
• There are “n” nodes, each have an input value. Some nodes are
  faulty or malicious.
• A distributed consensus protocol has the following two
  properties:
  1. The protocol terminates and all honest nodes are in agreement on
     the same value
  2. The output value must have been proposed by some honest node
        What does this mean in the context of Bitcoins?
Bitcoin is a peer-to-peer system
When Alice wants to pay Bob:
she broadcasts the transaction to all Bitcoin nodes
           signed by Alice
          Pay to pkBob : H( )
        Note: Bob’s computer may not be in the picture or online!
        In fact, running a Bitcoin node is not important for Bob to
           receive the funds. The Bitcoins will be his regardless
What nodes need to reach a consensus on?
● Which transactions were broadcast on the network
● Order in which these transactions occurred
 Result of the consensus protocol: Single, global transaction
ledger for the system
How consensus could work in Bitcoin
At any given time (in the bitcoin peer-to-peer network):
● All nodes have a sequence of blocks of transactions (called,
  ledger or block chain) they’ve reached consensus on
● Each node has a set of outstanding transactions it’s heard
  about (but not yet included in the block chain)
   ● For these transactions consensus has not yet happened
   ● Each node may have a slightly different outstanding transaction
     pool
How consensus could work in Bitcoin
                                                  Tx
                                                  Tx
                                                  …
                                                  Tx
 Tx        Tx          Tx
 Tx        Tx          Tx
 …         …           …
                                              Consensus
 Tx        Tx          Tx
                                               protocol
                                    Tx                       Tx
                                    Tx                       Tx
                                    …                        …
                                    Tx                       Tx
      OK to select any valid block, even if proposed by only one node
• How exactly do nodes come to consensus on a block? One way to do this: at
  regular intervals, say every 10 minutes, every node in the system proposes its
  own outstanding transaction pool to be the next block.
• Then the nodes execute some consensus protocol, where each node’s input is
  its own proposed block.
• Now, some nodes may be malicious and put invalid transactions into their
  blocks, but we might assume that other nodes will be honest.
• If the consensus protocol succeeds, a valid block will be selected as the
  output. Even if the selected block was proposed by only one node, it’s a valid
  output as long as the block is valid.
• Now there may be some valid outstanding transaction that did not get
  included in the block, but this is not a problem. If some transaction somehow
  didn’t make it into this particular block, it could just wait and get into the next
  block.
Why consensus is hard (esp. in the Bitcoin context)?
There are a number of technical problems with this approach.
• Firstly, consensus in general is a hard problem since nodes might crash or be outright
  malicious.
• Secondly, and specifically in the Bitcoin context, the network is highly imperfect. It’s a
  peer‐to‐peer system, and not all pairs of nodes are connected to each other. There could be
  faults in the network because of poor Internet connectivity for example, and thus running a
  consensus protocol in which all nodes must participate is not really possible.
• Finally, there’s a lot of latency in the system because it’s distributed all over the Internet.
                          No notion of global time  constraints the set of
                              consensus algorithms that can be used
Many impossibility results
• Byzantine generals problem: In this classic problem, the
  Byzantine army is separated into divisions, each commanded
  by a general. The generals communicate by messenger in
  order to devise a joint plan of action. Some generals may be
  traitors and may intentionally try to subvert the process so
  that the loyal generals cannot arrive at a unified plan. The
  goal of this problem is for all of the loyal generals to arrive at
  the same plan without the traitorous generals being able to
  cause them to adopt a bad plan. It has been proven that this
  is impossible to achieve if one‐third or more of the generals
  are traitors.
Understanding impossibility results
• The earlier results proven for specific models
  • Specifically, distributed databases
  • A distributed database model (and assumptions under it)
    doesn’t carry over to Bitcoins!
• These results say more about the model than about
  the problem
• What does it mean?
  • It may be possible to develop consensus protocols that
    work for Bitcoin networks
Bitcoin consensus: theory & practice
• Bitcoin consensus works better in practice than in
  theory
• Theory is still catching up
• BUT theory is important, can help predict
  unforeseen attacks
So why is the problem of consensus different in
Bitcoins?
Introduces incentives
•   Possible only because it’s a currency!
•   So in Bitcoins we do not have to solve the consensus problem in general, but only
    the one for a currency system
Embraces randomness
•   Does away with the notion of a specific starting and ending point for consensus
•   Consensus happens over long time scales — about 1 hour
•   In summary, consensus in Bitcoins is not deterministic – Even at the end of 1 hour
    nodes may not be 100% sure that their view of the block chain is the consensus view
    • Although the probability of that not being the case is very low