Bitcoin is a typical application of blockchain technology. A digital currency issued by a central bank is verified and endorsed by banks.
Bitcoin is a decentralized digital currency.
A decentralized digital currency has to answer two questions:
- Who issues the currency
- How transactions are verified
Bitcoin issuance is determined by mining.
Mining is essentially a competition for the bookkeeping right, that is, the right to submit the next block. The node that submits the next block receives the block reward. The bitcoins in the block reward are newly created, so this is equivalent to issuing new currency.
The process of competing for the bookkeeping right is called mining, Bitcoin is called digital gold, and the nodes competing for the bookkeeping right are called miners; a miner that finds a block earns money.
The initial block reward was 50 bitcoins, and the Bitcoin protocol specifies that the reward halves every 210,000 blocks. So if Bitcoin keeps running, it will eventually produce 21 million bitcoins.
At the Bitcoin system's average rate of one block every 10 minutes, the block reward halves roughly every 4 years.
Bitcoin relies on the blockchain, which is maintained jointly by all the nodes on the chain.
A Bitcoin transaction must carry the corresponding signature, and the sender must also state where its coins came from.
The figure above shows a simple Bitcoin blockchain recording the flow of BTC transactions.
Each block has two kinds of hash pointer:
- One links the blocks together: it records the hash of the previous block header, which is what forms the blockchain.
- One points to an earlier transaction, indicating where the bitcoins came from.
The purpose of indicating the source of the coins is to prove that the coins were not created out of thin air, and also to guard against double-spending (double spending attack).
How does content get written into the blockchain?
Every node and every account can publish transactions, which are broadcast to all nodes. Some transactions are valid and some are invalid.
Who decides which transactions go into the next block, and in what order? Could each node decide for itself?
What is a blockchain? It is a decentralized ledger, and the ledger must have one agreed-upon content. If everyone maintained their own blockchain locally, consistency could not be guaranteed; the content of the ledger has to be settled by distributed consensus.
Using the figure here, an interesting point.
As the figure shows, A has 10 BTC and transfers 5 each to B and C. Could A transfer 4 each to B and C instead?
Yes, but the remaining 10-4*2=2 BTC become the transaction fee and go to the miner.
If A does not want to give them to the miner, A can send 4 each to B and C and send the other 2 to another account of its own.
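The bookkeeping described above (inputs that point back to earlier outputs, the double-spend check, and the implicit fee) can be sketched as follows. This is an added example, not code from the original page; the class names, transaction ids and whole-BTC amounts are constructed, and signature checking is left out.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class TxIn:
    prev_txid: str   # hash pointer to the transaction the coins came from
    index: int       # which output of that transaction is being spent

@dataclass(frozen=True)
class TxOut:
    owner: str
    amount: int      # whole BTC for readability; real nodes count satoshis

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple
    outputs: tuple

class UTXOSet:
    def __init__(self):
        self.unspent = {}   # (txid, index) -> TxOut

    def add_coinbase(self, tx):
        # Coinbase outputs are newly issued coins, so there are no inputs to check.
        for i, out in enumerate(tx.outputs):
            self.unspent[(tx.txid, i)] = out

    def apply(self, tx):
        """Validate tx against the set, update the set, return the miner's fee."""
        keys = [(i.prev_txid, i.index) for i in tx.inputs]
        if len(set(keys)) != len(keys):
            raise ValueError("same output referenced twice in one transaction")
        for k in keys:
            if k not in self.unspent:
                raise ValueError(f"input {k} is unknown or already spent")
        total_in = sum(self.unspent[k].amount for k in keys)
        total_out = sum(o.amount for o in tx.outputs)
        if any(o.amount < 0 for o in tx.outputs) or total_out > total_in:
            raise ValueError("outputs exceed inputs")
        for k in keys:
            del self.unspent[k]            # spent outputs leave the set
        for i, out in enumerate(tx.outputs):
            self.unspent[(tx.txid, i)] = out
        return total_in - total_out        # anything not assigned goes to the miner

    def balance(self, owner):
        return sum(o.amount for o in self.unspent.values() if o.owner == owner)

def demo():
    utxo = UTXOSet()
    utxo.add_coinbase(Tx("cb0", (), (TxOut("A", 10),)))
    fee = utxo.apply(Tx("tx1", (TxIn("cb0", 0),), (TxOut("B", 4), TxOut("C", 4))))
    try:   # A tries to spend the same 10 BTC a second time
        utxo.apply(Tx("tx2", (TxIn("cb0", 0),), (TxOut("D", 10),)))
        double_spend_accepted = True
    except ValueError:
        double_spend_accepted = False
    return fee, utxo.balance("A"), utxo.balance("B"), double_spend_accepted
```

Adding a third output `TxOut("A", 2)` to `tx1` is the change output from the last sentence above: the fee drops to 0 and A keeps 2 BTC.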
One problem that consensus in Bitcoin has to solve is that some nodes may be malicious. Assuming most nodes in the system are honest, how should a consensus protocol be reached?
Voting
Since most nodes are honest, why not simply vote? First you have to determine which nodes have the right to vote. Some systems have strict membership requirements and not just anyone can join (for example, the consortium chain Hyperledger: only certain large companies that meet the conditions can join Hyperledger Fabric). In that setting a voting-based scheme is feasible.
But the Bitcoin system is not like that.
Creating an account in Bitcoin is easy: generating a public/private key pair locally is all it takes, with no approval from anyone. Nobody else even learns that the key pair exists until it is used in a transfer.
So a malicious node can keep creating accounts, and once it holds more than half of all accounts it has control. This is called a Sybil attack (sybil attack). The voting approach is therefore not viable.
Bitcoin votes not by number of accounts but by computing power.
Each node can assemble a candidate block locally, put the transactions it considers valid into it, and then start trying nonce values (a 4-byte field) to find one that satisfies the inequality H(block header) ≤ target.
The block header has a field called nonce. If a node finds a nonce that meets the requirement, it obtains the bookkeeping right.
The bookkeeping right is the right to write the next block into the Bitcoin ledger. Only the node that has found such a nonce, and thereby obtained the bookkeeping right, may publish the next block. When other nodes receive the block, they verify its validity.
Longest valid chain
Sometimes two miners both find a nonce and both broadcast that they have mined the next block. After validating, other nodes pick a correct, valid block and continue mining after it. Eventually one branch of the fork becomes longer than the other and the longer one wins; blocks that are not on the longest valid chain (orphan blocks) are discarded.
Both branches are longest valid chains, so which one should be accepted?
Accepting here means recognizing the block and continuing to extend the chain from it.
In the Bitcoin protocol, by default each node accepts the block it received first. So depending on their position in the network, some nodes hear one of the newly generated blocks first and accept it, while others hear the other block first and accept that one.
Each of the two new blocks may attract its own followers. The two chains compete on hash power, and sometimes on luck, and one of them wins.
What does the consensus mechanism in the Bitcoin system need to reach consensus on?
Compare a distributed hash table: many servers maintain the table, and if someone inserts a key-value pair on their own machine, someone reading on another machine must be able to read it back. This is called a global hash table. The consensus maintained here is the content of the hash table, that is, which key-value pairs it contains.
Bitcoin forks are of two kinds: state forks and protocol forks.
State fork: a fork caused by disagreement about the current state of the blockchain.
For example, two miners mine the next correct block at the same time, which creates a fork; over time this fork is resolved by the longest valid chain rule.
Protocol fork: a fork caused by disagreement about the Bitcoin protocol, with nodes running different versions of the protocol. Depending on what the protocol change is, these are divided into hard forks and soft forks.
- hard fork
When does a hard fork occur?
When new rules or new features are added to the Bitcoin protocol, old nodes that have not upgraded their software do not accept the changes and treat the new features as invalid. This is a disagreement about the content of the Bitcoin protocol, and it leads to a fork.
A typical example of a hard fork is a change to the Bitcoin block size.
In the BTC system, the maximum block size is 1 MB, which holds at most about 4,000 transactions. A block takes about 10 minutes to produce, so the whole Bitcoin system can process at most 4,000 transactions per 10 minutes on average (about 7 transactions per second). This rate severely limits throughput and transaction processing.
So it has been suggested that blocks be made larger, so that one block can hold more transactions. Suppose the limit is raised to 4 MB.
Nodes that have not upgraded accept only 1 MB blocks, while new nodes accept both 1 MB and 4 MB blocks.
This can produce the situation in the figure above: old nodes consider the chain containing blocks 1 and 3 invalid, so they fork again after block 2 and create block 4.
This fork is permanent: as long as the old nodes do not upgrade, the lower chain never disappears.
- soft fork
At present the UTXO set is maintained locally by each full node for its own convenience in lookups; its contents are not written into the blockchain.
UTXO (Unspent Transaction Output)
Bitcoin uses a running-journal style of record keeping to track bitcoins. In essence, it records only the transactions themselves, not their results.
The blockchain system only processes the transactions; settlement, balance lookups and similar information are worked out by the blockchain nodes themselves.
Bitcoin uses a transaction-based ledger. An account-based ledger is usually easier to understand.
In the Bitcoin system, full nodes maintain the UTXO data structure, which stores the transactions that have not been spent.
To query an account's balance, you can look up how many coins the account has received in total in UTXO outputs. A full node can compute this, but many Bitcoin wallets cannot maintain a complete blockchain on a phone and are in fact light nodes. To query an account balance, a light node has to ask a full node, which can compute the balance from the information in the UTXO set. But how can the light node be sure that the data the full node returns is trustworthy?
It has been proposed to organize the contents of the UTXO set into a Merkle tree as well and write its root hash into the coinbase field (changing the block header would be too disruptive, and the coinbase field happens to be unused). Changing the content of this field ultimately changes the root hash in the block header, so the answer can be proven with a Merkle proof.
As you can see, old nodes accept blocks from new nodes, because old nodes do not care what is written in that field. But when new nodes check the coinbase field of a block from an old node, they find that it does not contain the UTXO root hash and do not accept the block. That is why this is a soft fork.
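How a light node would check a full node's answer under the proposal above, as an added example that is not from the original page. The UTXO entries and their text encoding are constructed, and the root is assumed to have reached the light node through a coinbase commitment as proposed; the tree uses Bitcoin's double SHA-256 and duplicates the last hash when a level has an odd number of nodes.

```python
import hashlib

# Constructed UTXO entries (outpoint|owner|amount); a real commitment would be binary.
UTXO_ENTRIES = [b"tx01:0|A|2", b"tx07:1|B|4", b"tx07:2|C|4", b"tx09:0|A|5", b"tx12:0|D|1"]

def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def build_levels(leaves):
    """Full-node side: every level of the Merkle tree, leaves first, root last."""
    level = [dsha256(x) for x in leaves]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:
            level = level + [level[-1]]      # odd count: pair the last hash with itself
        level = [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def make_proof(levels, index):
    """Full-node side: sibling hashes on the path from leaf `index` to the root."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling >= len(level):
            sibling = index                  # node was paired with itself
        proof.append(level[sibling])
        index //= 2
    return proof

def verify(leaf, index, proof, root):
    """Light-node side: recompute the path and compare with the committed root."""
    h = dsha256(leaf)
    for sibling in proof:
        h = dsha256(sibling + h) if index & 1 else dsha256(h + sibling)
        index //= 2
    return h == root

def demo():
    levels = build_levels(UTXO_ENTRIES)
    root = levels[-1][0]                     # assumed committed in the coinbase field
    proof = make_proof(levels, 3)            # full node proves "A holds 5 in tx09:0"
    honest = verify(UTXO_ENTRIES[3], 3, proof, root)
    forged = verify(b"tx09:0|A|50", 3, proof, root)   # inflated amount is rejected
    return honest, forged, len(proof)
```

An inclusion proof shows that a returned entry is in the committed set; it does not show that the full node returned every entry belonging to the account.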
To summarize:
soft fork: as long as nodes holding more than half of the hash power have upgraded their software, the system will not fork permanently
hard fork: every node must upgrade its software for the system to avoid a permanent fork; if a small group of nodes refuses to upgrade, the system splits into two chains
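Nodes in the Bitcoin blockchain are divided into full nodes and light nodes.
If you do not need to mine and only need to make transfers, running a light node is enough; there is no need to run a full node.
The differences are as follows:
Full node:
- Always online
- Maintains the complete blockchain on local disk
- Maintains the UTXO set in memory so that transactions can be validated quickly
- Listens for transactions on the Bitcoin network and verifies the validity of each one
- Decides which transactions get packed into a block
- Listens for blocks mined by other miners and verifies their validity
- Mines, and decides which branch to mine on: the longest chain, and if there are forks of equal length, the branch it heard about first
Light node:
- Not always online
- Does not store the whole blockchain, only the header of each block
- Does not store all transactions, only those related to itself
- Cannot verify the validity of most transactions, only of those related to itself
- Cannot verify the correctness of blocks published on the network
- Can verify the mining difficulty (that is, check whether a published block meets the difficulty requirement)
- Can only tell which chain is the longest, not which is the longest valid chain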
As said earlier, mining is essentially a competition for the bookkeeping right, the right to submit the next block.
The mining process is memoryless, also called progress free.
It is like tossing a coin: if I want the coin to land heads up, the outcome has nothing to do with the tosses already made.
Each nonce tried satisfies the mining condition with a certain probability, regardless of how many nonces were tried before. This memoryless property makes the probability of mining successfully equal to the node's share of the total hash power.
The hash function used in Bitcoin is SHA-256. By the properties of SHA-256, changing any single bit of the block header produces a completely different hash value, and whether it becomes larger or smaller is unpredictable.
When mining, the miner uses the PoW (Proof-of-Work) algorithm to compute the hash of the whole block header and checks whether the hash is smaller than a certain value (this value is the current_target obtained by "decompressing" the nBits field stored in the block header) to decide whether the requirement is met.
If it is smaller, the miner broadcasts the block. If it is not, the miner changes the values in the block header that are allowed to change, according to the rules of the mining node, and computes the header hash again, repeating until the result is below the target.
Which values in the block header can be changed so that the hash of the whole header changes?
Besides the nonce mentioned above, the Merkle root can also be changed.
For each block mined, the miner receives a certain reward. This is the coinbase (minting) transaction; its coinbase field can hold arbitrary content, and changing it propagates upward and changes the Merkle tree root hash.
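The loop described above, as an added example that is not from the original page: expand nBits into the target, try nonces, and when the nonce range runs out change the free-form bytes in the coinbase so that the Merkle root changes. The header uses Bitcoin's 80-byte field layout; the two-leaf Merkle tree, the coinbase bytes and any input values are constructed for illustration.

```python
import hashlib
import struct

def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def target_from_nbits(nbits: int) -> int:
    """Expand the compact 4-byte nBits field: 1 exponent byte, 3 mantissa bytes."""
    exponent, mantissa = nbits >> 24, nbits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def merkle_root(coinbase: bytes, other_txid: bytes) -> bytes:
    # Simplified two-leaf tree; the coinbase transaction is always the first leaf.
    return dsha256(dsha256(coinbase) + other_txid)

def header(prev_hash, root, timestamp, nbits, nonce) -> bytes:
    # 80 bytes: version, previous block hash, Merkle root, time, nBits, nonce.
    return struct.pack("<I32s32sIII", 1, prev_hash, root, timestamp, nbits, nonce)

def mine(prev_hash, other_txid, timestamp, nbits, nonce_space=2**32):
    """Return (extranonce, nonce, header_hash) for the first header that meets the target."""
    target = target_from_nbits(nbits)
    extranonce = 0
    while True:
        # Changing the coinbase bytes changes the Merkle root, which opens a
        # fresh nonce range once the current one is exhausted.
        coinbase = b"constructed coinbase " + extranonce.to_bytes(8, "little")
        root = merkle_root(coinbase, other_txid)
        for nonce in range(nonce_space):
            h = dsha256(header(prev_hash, root, timestamp, nbits, nonce))
            # The 32-byte hash is compared as a little-endian integer.
            if int.from_bytes(h, "little") <= target:   # H(block header) <= target
                return extranonce, nonce, h
        extranonce += 1
```

Calling `mine` with a very easy constructed `nbits` such as `0x2000ffff` and `nonce_space=64` finishes almost at once and usually needs a few extranonce increments, which shows the rollover.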
Bitcoin's mining puzzle is a hash algorithm; common hardware for computing it includes CPUs, GPUs and ASICs.
First generation: CPU mining. CPUs are good at logic control and serial computation. Mining on an ordinary computer.
Second generation: GPU mining. GPUs are good at massively parallel computation. Mining on graphics cards.
Third generation: mining on dedicated ASIC equipment, the mining rig.
An ASIC (Application Specific Integrated Circuit) is regarded in the integrated-circuit industry as a circuit designed for one specific purpose.
Mining rigs also become obsolete quickly; better ones come out every so often.
Mining solo has become quite difficult.
A mining pool concentrates scattered hash power. One pool can manage many miners: the pool assembles the blocks, and the miners take tasks from the pool and perform the hash computations.
Miners in a pool share the mining reward in proportion to their contribution, and a miner's contribution is itself demonstrated by proof of work. In practice, the pool asks miners to submit results that meet a lower difficulty than the Bitcoin puzzle.
For example, if the Bitcoin puzzle requires 70 zeros, the pool's puzzle requires 60 zeros.
Each such result a miner submits counts as one share. Some of these shares may also satisfy Bitcoin's own requirement, in which case the pool earns the reward.
The vast majority of shares have no value in themselves and serve only as proof of the miner's work.
In terms of probability, joining a pool does not increase a miner's expected income: the return is still the miner's fraction of the total hash power of all nodes. But joining a pool makes the miner's income more stable. Some pools offer miners extra rewards to attract them, which has also led to the emergence of very large pools.
If one mining pool holds 51 percent of the nodes (not necessarily 51 percent; a sufficiently large share of the hash power makes this possible), it can launch a forking attack or a boycott.
Forking attack: for example, A pays B in a transaction, and the transaction takes effect after 6 block confirmations. A then launches a forking attack and generates a chain longer than the original one (possible with enough hash power), so the transaction from A to B becomes invalid. B suffers the economic loss.
Boycott: blocking an arbitrary user. For example, to boycott A, none of A's transactions are allowed onto the chain; each time a transaction from A is included, the attacker forks. Unlike a forking attack, a boycott does not wait for 6 block confirmations: the attacker forks as soon as A's transaction appears on the chain, the earlier the better.
Bitcoin needs to keep producing a block about every 10 minutes, so the mining difficulty has to be adjusted dynamically according to actual conditions.
The question is how to get all miners to adjust the target threshold at the same time.
The method for computing the target is written into the Bitcoin system's code: every 2016 blocks, the difficulty adjusts automatically.
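- Suppose a full node receives a transfer transaction. Could the recipient address in it be one the full node has never heard of?
Yes, because a Bitcoin account only needs to be generated locally. Other nodes learn that the account exists only when it receives money for the first time.
- What if the private key is leaked?
Move the remaining BTC to another secure account as soon as possible. There is no third-party central authority to reset a password or freeze an account; you are responsible for yourself.
In the BTC system an account is a public/private key pair, and the password is the private key, which cannot be changed.
- What if you transfer to the wrong address?
Nothing can be done; you have to accept the loss, because a published transaction cannot be cancelled. If the coins were sent to an address that does not exist, those bitcoins become dead money. The UTXO set in the Bitcoin system will keep that transaction forever, recording the nonexistent address, which is unfriendly to full nodes.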