To really understand what is special about Bitcoin, we need to understand how it works at a technical level. We’ll address the important questions about Bitcoin, such as: How does Bitcoin work? What makes Bitcoin different? How secure are your Bitcoins? How anonymous are Bitcoin users? What determines the price of Bitcoins? Can cryptocurrencies be regulated? What might the future hold? After this course, you’ll know everything you need to be able to separate fact from fiction when reading claims about Bitcoin and other cryptocurrencies. You’ll have the conceptual foundations you need to engineer secure software that interacts with the Bitcoin network. And you’ll be able to integrate ideas from Bitcoin in your own projects. Course Lecturers: Arvind Narayanan, Princeton University All the features of this course are available for free. It does not offer a certificate upon completion.
Bitcoin As Smart Property
Loading...
From the course by Princeton University
Bitcoin and Cryptocurrency Technologies
1835 ratings
From the lesson
Bitcoin as a Platform
One of the most exciting things about Bitcoin technology is its potential to support applications other than currency. We'll study several of these and study the properties of Bitcoin that makes this possible.
Meet the Instructors
Arvind NarayananAssociate Professor
Computer Science
All right, so now we're going to change gears.
Like I said, we're gonna be changing gears quite a bit in this lecture, and
we're gonna talk about using Bitcoins to represent smart property.
So using Bitcoins to represent something other than simply
one unit of currency in the Bitcoin system.
So recall from the lecture on anonymity especially,
we talked about the transaction graph of Bitcoins, and
the fact that you can trace ownership of value in the Bitcoin system over time.
So every Bitcoin has a history.
Of course, keeping the caveat in mind that there's no such thing, really,
as a Bitcoin, just unspent transaction outputs, but
we'll think about them as coins.
And every coin has this long history attached to it,
which anybody can view in the block chain.
A history of everybody who's owned any piece of a coin, which,
through transfer and transactions with other coins, has turned into that current
unspent transaction output, or that current Bitcoin that you may hold today.
In fact, for any Bitcoin, you can trace its history all the way back
to some coin-based transactions when coins were originally minted.
And of course, there will be a bunch of other transactions that branch off that
aren't included in this final Bitcoin, but
every Bitcoin has this history that carries around within.
And as we've said, as we spent a whole lecture discussing, this is bad for
anonymity, because you can try and track ownership of coins, and
it also potentially enables blacklisting.
If you wanna blacklist coins owned by a specifically person, you can do so
using the fact that history is maintained as coins move around.
So there's an interesting observation here, which is Bitcoins aren't fungible,
and fungible is an economical term which means every Bitcoin has the same value
as any other, and they can be exchanged with no loss or change in value.
So, with Bitcoins that's not exactly true.
Every Bitcoin is, in fact, unique, and has a different history, and
if the history is meaningful to people,
it may mean that my one Bitcoin is not the same as your one Bitcoin.
And maybe I'm not willing to trade you, or maybe you're not willing to trade me,
because one of us likes the history of the coin we currently have more than
the history of another coin we might exchange it for.
So could this property be useful?
I've argued that it's bad.
It's bad in that it has problems for deanonymizing people or
for potentially blacklisting.
And that maybe it means Bitcoins aren't even fungible, which is a very interesting
property for a currency to have from an economic standpoint.
But I'll actually be arguing in the rest of this section that this can be
a very useful property if we give meaning to that history.
So let's think about what this would look like offline.
What if we wanted to add metadata to offline currency?
So some people actually do this.
They like to stamp various things on bank notes, as I have some examples of here.
And you'll notice that most of these are actually political protests talking about
campaign finance or the fact that George Washington grew hemp.
And the reason is that if anybody can stamp whatever they want on currenc,
it doesn't have that much value except as a form of speech.
It's really just a novelty.
So the question is,
what if we could have authenticated metadata attached to our currency?
So we wanna add some metadata to the currency that has some authenticity and
not anybody can simply duplicate.
And the way that we're gonna do this is to have a cryptographic signature on
the metadata that we want, tied to the serial number of the banknote.
So somebody who has some authority and has a sign-in key, is gonna sign
the combination of some metadata plus the banknote's serial number, and
that's gonna tie the metadata specifically to this note.
How might this work?
So let's say that a baseball team wants to start using dollar bills as tickets.
So they don't wanna go through the hassle of printing their own tickets anymore,
they say we wanna just have bank notes function as tickets.
So the Yankees would simply assert that this specific serial number
now represents a ticket to a specific game, maybe with a specific seat.
And that whoever is holding that note has the right at the gates of the stadium
to come in and sit down and watch the game with no other questions asked.
The bank note is their ticket.
And to add some authenticity here, there's gonna be a sign-in key that
the Yankees use, or whichever team we happen to be talking about, and
they're gonna sign that message saying the specific game number and the date and
all of that sort of information along with the serial number of the bill.
And then they may just wanna just stamp that right onto the bill,
say they use a 2D barcode to represent that signed data.
Now if you show up to the gates of the stadium and hand that bill over,
maybe somebody can look up in a database and say, yes,
there actually is a signature saying that this serial number of the bill is
designated to function as a ticket for this specific game.
And you wouldn't necessarily need to use a stamp.
Another solution that works just fine here,
which doesn't illustrate quite as well, is you could just
have a database at the stadium that has a list of different serial numbers and
which seats the holder of the note with that serial number is entitled to.
And when you showed up at the gate, they would just look at the serial number on
your bill and then look up in the database which seat you are allowed to sit in.
So [COUGH] what has this bought us?
Why would we wanna do this?
Now currency can represent anything, so I had the example of a sports ticket,
but we'll discuss more in a few slides there's a lot of applications here.
And we're inheriting the anti-counterfeiting
properties the bill already has.
So if you believe that it's hard to duplicate the bank note and
have the same serial number.
And there's a whole bunch of people in the Washington, DC area who are working
really hard to make sure that it's difficult to duplicate a bank note and
have the same serial number,
cuz currency would certainly be very different if that property wasn't true.
So if you trust that the anti-counterfeiting properties of the bill
are pretty good, you get to use those for
free cuz you simply tie that serial number to whichever metadata you want.
And the other neat thing is that the underlying value of this bill's currency
is maintained.
So, it may be a problem if everybody wants to
physically stamp metadata on currency all the time.
But if we use the database solution,
where you don't have to actually write anything on the currency, then you can
have somebody use this dollar bill as a ticket to get into the baseball game,
and then once they're in the game, they could use it to but a soda.
Of course, all of the authenticity here, all of the meaning in this new metadata,
is only as good as how much we trust the issuer that signed it.
So everybody has to know that there's a specific key that's used to sign
valid Yankee's tickets or whatever other metadata you're interested in.
Everybody else will look at this and just see a dollar bill.
They may not realize that it's actually worth perhaps
$100 if it's a lower box seat game, but that's okay.
That's actually a desired property here, because once it's fulfilled it's mission
ticket, it can go back into circulation as a regular bill.
So can we do this digitally in Bitcoin?
There's a bunch of reasons, perhaps,
why this offline scheme of banknotes hasn't quite taken off,
perhaps some legal reasons, or perhaps the cost of printing simply isn't that high.
But can we do this in a digital way on top of Bitcoin,
which will give us all of the cool digital features we like about Bitcoin,
the ability to do online exchanges,
the ability to use the system quickly and without trusting a bank.
We could have all of those properties for any type of metadata that we want.
So the idea here is that we want coins to track a specific color.
So just like we were able to stamp that metadata onto currency,
the idea here is that you can color in Bitcoins with the color of your choice.
They still function as valid Bitcoins.
You haven't taken away anything from the fact that they're valuable as Bitcoins,
but you've added a little bit of extra color.
And of course, in reality that color will be the metadata that we care about, but
for the purposes of this illustration or
the metaphor that's commonly used, we think of it as just adding color.
So how does that work?
Well, in one transaction, we're gonna insert a special extra bit of metadata
that declares that some of the outputs have a specific color.
So we'll say we're issuing five purple Bitcoins.
And the other output is seven Bitcoins
that continue to be normal bit coins of no color.
And perhaps somebody else with a different sign-in key and
a different transaction has issued four green Bitcoins.
So now we have Bitcoins that have different colors attached to them, and
we can do all the normal things that we do with Bitcoin transactions.
So we could have one Bitcoin transaction that takes several inputs,
some green coins, some purple coins, some uncolored coins, and
it shuffles them around and has outputs which maintain the color.
And there's gonna be some metadata there to do all the bookkeeping and
make sure the right color goes to the right coins.
We can do all the other normal things that we'd wanna do with a Bitcoin transaction.
We can split a transaction out, put a four green coins into smaller values,
[COUGH] and later on we could combine it,
we could combine multiple transaction outputs with green coins to make one big
transaction output with all of the incoming green coins.
So, the only thing that we've added here to the basic Bitcoin picture,
is the ability to add a little bit of metadata in transactions, that designates
some of the coins in one output transaction to have a certain color.
And of course, there's gonna need to be a signature in there somewhere, so
that not just anybody can use any color that they want.
So, the most popular proposal for
actually implementing this is called open assets, and how does it work?
Well, [COUGH] the issuance is done through a special pay-to-script hash address.
So if you wanna issue colored coins, you have to choose
a pay-to-script hash address that will issue whatever color you want, and
of course, the color might really be the fact that these are Yankees tickets.
And then any coin that transfers through that address that comes in
without a color will leave with the color designated to that address.
And you have to publicize that somewhere so there's various exchanges that track
which addresses info which color onto coins.
And it's fine for coins to have more than one color, that's really no problem.
Now every time that you have a transaction that involves colored coins,
you have to insert a special marker output.
So this is an unspendable output, kind of like in the case of commitments,
that allows us to write some extra metadata into the transaction.
And that metadata, which I'm not gonna discuss in detail cuz it's fairly tedious,
but it simply says of all the colored coins coming into this transaction and
all the outputs of the transaction,
how the color is divided between the different outputs.
So just like in any Bitcoin transaction, the normal metadata
specifies how the value of all the input transactions is divided
amongst the output transactions, you need to add this marker output when you're
dealing with colored coins to decide how you're gonna divvy up the color.
And you can add some extra metadata in there if you want,
the protocol supports that.
So [COUGH] what can we say about this system?
Well, the advantages are that it's compatible with Bitcoin,
you don't have to change anything.
And it gives you the flexibility for anybody to declare [COUGH] any color that
they want and start putting any metadata on any coin that they want, and
the system will track that.
And it's a good thing that since it's compatible with Bitcoin,
the rest of the community will ignore this.
So the miners won't take any position on who can issue which color, or rules for
transferring colors.
So nobody can censor this, you don't have to ask any central authority for
the right to start issuing coins in a new color.
If anybody believes you and
thinks that you have a good reason to do so, they can start trusting your signature
in the form of sending the coins through that pay-to-script hash address.
And if they respect the color that you're putting on coins,
then they have some value.
The disadvantages of this scheme is that we do have to put
that unspendable marker output into every transaction that involves colored coins.
So, we're adding a little bit of overhead, losing a little bit
of money in the form of regular Bitcoins every time we wanna trade colored coins.
And because that marker output is special and
the miners aren't enforcing any properties of it, it means that to verify that you
actually own some colored coins, you have to check the entire transaction history.
So it's not enough to just see that you're colored coin
transaction made it into the bock chain, because the miners aren't verifying it.
They don't understand colored coins, and they don't care.
And we've argued that that's an advantage of the system, but it means that you can't
have a thin client doing SPV verification like we can for regular Bitcoin.
If you wanna verify colored coins, you have to download the whole block chain,
every previous transaction, and trace the color of your coins from
the time that they were originally issued that color.
So this means that it's harder to use colored coins on very limited platforms on
phones or on anything that can't store the entire block chain and
maintain an up to date copy.
So what are some applications of colored coins?
[COUGH] I mentioned the ticket example, so you could have colored coins represent
tickets that give you admission to some event.
Another popular example that people have proposed is to have colored coins
represent stock in a company.
So every time you wanna issue some new stock, you pass some Bitcoins
through the pay-to-script hash address, which you say is issuing stock
on behalf of my new corporation, and then people can trade the stock.
And you don't need a stock exchange or
any of the infrastructure that is used in the offline world,
people can just trade the stock in exchange for regular Bitcoins.
[COUGH] Of course, people have to trust that you're actually going
to honor that stock, but assuming that they do,
then you can do all of your stock trading just like regular Bitcoin transactions.
And there's also the somewhat more outlandish idea that
color coins might actually represent a deed to some real world property.
So maybe a colored coin says that you actually own a house or a car.
And maybe you have a very sophisticated car
that actually tracks the block chain and will start and drive for
anybody who owns this specific coin that confers ownership of that car.
And then you could see a car with just one transaction in the Bitcoin block chain.
So maybe we're still a little bit, a little ways, away from making that happen,
and we'll be talking more in lecture 11 about some of the obstacles, legally and
socially, to making that happen.
But that's the dream of colored coins, is that any real world property, you can
represent in the world of Bitcoin, and you can trade just like any other Bitcoin.
And finally, one more interesting example I think, is ownership of domain names.
So maybe you could trade ownership of a domain name and the ability to
run a server there on the Bitcoin block chain just like anything else.
That has enough caveats and enough weird properties, like you want to avoid
people squatting on domain names and just buying up all the good domain names.
That's actually been launched as a separate Altcoin called NameCoin.
And in the next lecture, when we talk more about Altcoins,
we'll talk a little bit more about NameCoin, which is specifically launched
to try to handle this property of domain name ownership.
So you could do a domain name ownership with simple colored coins, but
in practice there's enough extras properties that you want to enforce,
that the community has been pursuing a separate Altcoin for that.
Explore our Catalog
Join for free and get personalized recommendations, updates and offers.
Coursera provides universal access to the world’s best education,
partnering with top universities and organizations to offer courses online.
© 2018 Coursera Inc. All rights reserved.
