Blockchains: How They Work
Back to basics with Prof. Dr. Fabian Schär
Blockchain is a very interesting and promising technology. It is, however, also a very complex and highly interdisciplinary one. The underlying concepts are a mixture of computer science, cryptography, and economics. To truly grasp the technology and its potential, one needs to have a background in all three of these disciplines. To make matters worse, there is no generally accepted definition of the term blockchain. Consequently, it is rather unsurprising that there is some confusion and disagreement on the potential, the use cases, and even the distinction from regular databases.
In this article, I will first briefly explain how a blockchain works and then look into some of the applications, namely native crypto assets, proof-of-existence, and the tokenisation of assets. I will then discuss the potential in a short conclusion.
1. How blockchains work
A blockchain is a distributed database. Each participant may hold a copy of this database and change it in accordance with a specific rule set. In contrast to centralised databases, there is no leader with the right to exclusively decide the current state of the database. Instead, a blockchain makes use of three principles: peer-to-peer networks (transaction capacity), public key cryptography (transaction legitimacy), and a consensus protocol (transaction consensus). These principles are discussed in the following subsections.
Most blockchain protocols are built on peer-to-peer networks. Peer-to-peer simply means that there are no participants with special privileges. In a permissionless blockchain protocol, anyone with a computer can freely join the network and become part of it. The connections are usually selected randomly, and each participant may connect to a number of its peers and directly exchange information with them. Peer-to-peer networks are usually very robust. There is no single point of attack or failure, since none of the participants are essential for the network’s existence.
New information is exchanged in the form of transaction messages. Whenever someone wants to add information to the blockchain, this person simply creates a transaction message containing a list of the changes, and sends this transaction message to the network participants. At this point, it is best to think of the transaction message as a rumour. Indeed, just like a rumour, it is forwarded until every network participant has the information. However, also just like a rumour, it is still unconfirmed at this point. There might be false or conflicting information, making the changes unreliable. In order to understand what is needed for the rumour to be confirmed, we need to have a look at the following subsections, namely transaction legitimacy and transaction consensus.
While there are a number of reasons why it is great that anyone can propose changes to a database, there are also very good reasons why allowing anyone to perform arbitrary additions to a database might be dangerous. If, for example, the blockchain tracks account balances, as is the case with many crypto assets, arbitrary changes would be disastrous. Imagine a situation in which anyone could freely adjust someone else’s account balance. To prevent this from happening, the technology employs a concept referred to as public key cryptography.
Public key cryptography is a special branch of cryptography that deals with asymmetric encryption. Asymmetric encryption simply means that each participant has two separate (yet mathematically connected) keys: a public key and a private key. The private key can be best described as a password. It is of the utmost importance that the private key is stored securely. If someone else has access to your private key, he or she can impersonate you and claim your crypto assets. If you lose your private key, you will also lose your crypto assets. The public key can be best described using the analogy of a username or an account number. It represents you in a pseudonymous way. It is important to mention at this point that while it is possible to derive the public key from the private key, it is computationally infeasible to derive the private key from the public key. This allows the owner of the key pair to freely share the public key, but remain in exclusive possession of the private key.
The mathematical relation between the keys ensures that messages that are encrypted with a private key can only be decrypted with the corresponding public key (and vice versa). When someone receives a transaction message, he or she can therefore use the supposed originator’s pseudonym (public key) and try to decrypt the transaction message. If he or she succeeds in doing so, this is mathematical proof that the transaction message has been created by the owner of the pseudonym (authenticity) and that the transaction message has not been changed in the course of its journey through the network (integrity). This allows any participant to perform integral validity checks. If, for example, changes to a specific variable on the blockchain must be only performed by the owner of a certain pseudonym, the origin of the transaction message can be verified with mathematical precision, and the changes are only accepted if the transaction message turns out to be valid.
In addition to these cryptographic validity checks, each participant performs a series of script-based tests to ensure that the transaction fulfils all the criteria, e.g. sufficient account balances when transferring crypto assets. Additional voluntary requirements may be added through a flexible scripting language.
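As an added illustration (not code from the article), the following Go program shows the two layers of checking just described on a constructed transfer message: a digital signature produced with the sender's private key and verified by anyone holding only the sender's public key, followed by a balance rule of the kind a scripting language would enforce. The transaction format, the account-id derivation (a hash of the encoded public key), the P-256 curve and the names Alice and Bob are assumptions of the example, not details of any particular blockchain.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"fmt"
)

// Transaction is a constructed, simplified transfer message. The sender is
// identified only by its public key (the pseudonym); Sig signs the other fields.
type Transaction struct {
	FromPub []byte // DER-encoded public key of the sender
	To      string // recipient account id
	Amount  int64
	Sig     []byte // ASN.1 ECDSA signature over digest()
}

// PublicKeyBytes encodes the public half of a key pair, the part that is shared.
func PublicKeyBytes(priv *ecdsa.PrivateKey) []byte {
	der, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey) // cannot fail for a P-256 key
	return der
}

// AccountID is a hash of the encoded public key, like an address on many chains.
func AccountID(pubDER []byte) string {
	sum := sha256.Sum256(pubDER)
	return hex.EncodeToString(sum[:8])
}

// NewAccount generates a fresh key pair and returns it with its account id.
func NewAccount() (*ecdsa.PrivateKey, string, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, "", err
	}
	return priv, AccountID(PublicKeyBytes(priv)), nil
}

// digest hashes the signed fields in a fixed order, so any change to the
// recipient or the amount changes the value the signature commits to.
func (t Transaction) digest() []byte {
	h := sha256.New()
	h.Write(t.FromPub)
	fmt.Fprintf(h, "|%s|%d", t.To, t.Amount)
	return h.Sum(nil)
}

// NewSignedTransaction builds a transfer and signs it with the sender's private key.
func NewSignedTransaction(priv *ecdsa.PrivateKey, to string, amount int64) (Transaction, error) {
	t := Transaction{FromPub: PublicKeyBytes(priv), To: to, Amount: amount}
	sig, err := ecdsa.SignASN1(rand.Reader, priv, t.digest())
	t.Sig = sig
	return t, err
}

// VerifySignature is the cryptographic validity check: success proves the message
// comes from the holder of the private key behind FromPub (authenticity) and has
// not been altered since (integrity). Only the public key is needed to run it.
func VerifySignature(t Transaction) error {
	key, err := x509.ParsePKIXPublicKey(t.FromPub)
	if err != nil {
		return err
	}
	pub, ok := key.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, t.digest(), t.Sig) {
		return fmt.Errorf("invalid signature: forged or tampered transaction")
	}
	return nil
}

// Ledger maps account ids to balances. Apply runs the cryptographic check first,
// then the script-style rule (positive amount, sufficient balance); failing
// either rejects the transaction and leaves the ledger untouched.
type Ledger map[string]int64

func (l Ledger) Apply(t Transaction) error {
	if err := VerifySignature(t); err != nil {
		return err
	}
	from := AccountID(t.FromPub)
	if t.Amount <= 0 || l[from] < t.Amount {
		return fmt.Errorf("rejected: balance %d cannot cover %d", l[from], t.Amount)
	}
	l[from] -= t.Amount
	l[t.To] += t.Amount
	return nil
}

func main() {
	alice, aliceID, _ := NewAccount()
	ledger := Ledger{aliceID: 100} // constructed starting balance
	tx, _ := NewSignedTransaction(alice, "bob", 40)
	fmt.Println("valid transfer:", ledger.Apply(tx), ledger)
	tx.Amount = 400 // altered in transit: the signature no longer matches
	fmt.Println("tampered:", ledger.Apply(tx))
}
```

The example signs rather than encrypts the message, which is the form this mechanism takes in deployed systems: the signature is a value only the private key can produce and anyone with the public key can check, and that is exactly what yields the authenticity and integrity properties described above. A message whose sender field names Alice's pseudonym but whose signature was produced with another key fails the same check as a message whose amount was edited after signing.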
We now know how transaction messages are shared and verified. However, since we are talking about a distributed network, there is no guarantee that a specific transaction message reaches every participant. Even worse, when there are two conflicting transaction messages, they may reach the various participants in a different order. Consequently, the participants may be in disagreement about the current state of the database and their blockchain versions may be inconsistent.
To make sure that there is an agreement on the current state, the network uses a so-called consensus protocol. Most consensus protocols have some lottery-like process that periodically chooses someone who may propose the next block, i.e. a set of new transactions. I would like to emphasise that everyone else can still verify the validity of all the transactions in this set and will reject the block if it contains just one invalid transaction. However, if the block is valid, everyone else will add it to their version of the blockchain to make sure that they are not out of sync with everyone else.
Theoretically, we could allow blocks to contain millions of transactions and set the parameters of the lottery in a way that — on average — once every second, we get a winner and therefore a new block. This would lead to impressive performance statistics. However, it would also cause many disagreements among the network participants and essentially render the blockchain useless. The reason why these parameters must be picked conservatively is that the distributed network needs time to exchange the information and reconsolidate into a common state. If too many blocks are created in a relatively short time period, the network will not be able to exchange the information fast enough. Consequently, we would see many different blockchain versions, each with a different set of confirmed transactions.
The artificial slowdown of 10 minutes per block (on average) ensures that there is enough time to exchange the information and to reach consensus. This process is what makes truly decentralised and permissionless networks relatively inefficient. Unfortunately, there is an inherent trade-off between decentralisation and performance. Decentralised databases are relatively costly to maintain but very hard to tamper with. Centralised databases are relatively cheap to maintain but prone to attacks, rent-seeking behaviour and manipulation attempts — also a source of significant societal cost. Both have their raison d’être, depending on the use case.
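The following Go program is an added example, not code from the article, of the block-level rules this section describes: a lottery implemented as a proof-of-work puzzle (the mechanism Bitcoin uses; the article itself does not name one), blocks linked to their predecessor by hash, and a validation routine that every participant runs on a received chain and that rejects a block if even one transaction in it is invalid. The "from->to:amount" transaction format, the Difficulty value, the genesis block and the account names are constructed for the example.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strconv"
	"strings"
)

// Difficulty is the lottery parameter: a block hash must start with this many hex
// zeros. Bitcoin tunes its equivalent so a winner appears about every ten minutes;
// here it is tiny so the example runs instantly.
const Difficulty = 3

var target = strings.Repeat("0", Difficulty)

// Block is one proposer's set of transactions, linked to its predecessor by hash.
type Block struct {
	Index    int
	PrevHash string
	Txs      []string // constructed format: "from->to:amount"
	Nonce    uint64
	Hash     string
}

// hashBlock commits to every field except Hash itself.
func hashBlock(b Block) string {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%d|%s|%s|%d",
		b.Index, b.PrevHash, strings.Join(b.Txs, ";"), b.Nonce)))
	return hex.EncodeToString(sum[:])
}

// Genesis is the fixed starting block every copy of the database begins with.
func Genesis() Block { return Block{Hash: hashBlock(Block{})} }

// parseTx splits the constructed "from->to:amount" format.
func parseTx(tx string) (from, to string, amount int, err error) {
	pair, amt, ok1 := strings.Cut(tx, ":")
	from, to, ok2 := strings.Cut(pair, "->")
	if !ok1 || !ok2 {
		return "", "", 0, fmt.Errorf("malformed transaction %q", tx)
	}
	amount, err = strconv.Atoi(amt)
	return from, to, amount, err
}

// applyTxs is the rule every participant enforces on each transaction in a block
// (well-formed, positive amount, sufficient balance); it updates balances in place.
func applyTxs(txs []string, balances map[string]int) error {
	for _, tx := range txs {
		from, to, amount, err := parseTx(tx)
		if err != nil || amount <= 0 || balances[from] < amount {
			return fmt.Errorf("invalid transaction %q", tx)
		}
		balances[from] -= amount
		balances[to] += amount
	}
	return nil
}

// Mine is the lottery: the proposer tries nonces until the hash meets the target,
// then broadcasts the block. Every recipient re-checks the transactions itself.
func Mine(prev Block, txs []string) Block {
	b := Block{Index: prev.Index + 1, PrevHash: prev.Hash, Txs: txs}
	for b.Hash = hashBlock(b); !strings.HasPrefix(b.Hash, target); b.Hash = hashBlock(b) {
		b.Nonce++
	}
	return b
}

// ValidateChain replays a received chain from the agreed genesis block and starting
// balances, rejecting it if any link, proof-of-work, or single transaction is invalid.
func ValidateChain(chain []Block, start map[string]int) (map[string]int, error) {
	if len(chain) == 0 || chain[0].Hash != Genesis().Hash {
		return nil, fmt.Errorf("chain does not start at the agreed genesis block")
	}
	balances := make(map[string]int, len(start))
	for k, v := range start {
		balances[k] = v
	}
	for i := 1; i < len(chain); i++ {
		b, prev := chain[i], chain[i-1]
		if b.Index != prev.Index+1 || b.PrevHash != prev.Hash {
			return nil, fmt.Errorf("block %d: broken link to previous block", b.Index)
		}
		if b.Hash != hashBlock(b) || !strings.HasPrefix(b.Hash, target) {
			return nil, fmt.Errorf("block %d: hash or proof-of-work invalid", b.Index)
		}
		if err := applyTxs(b.Txs, balances); err != nil {
			return nil, fmt.Errorf("block %d: %w", b.Index, err)
		}
	}
	return balances, nil
}

func main() {
	start := map[string]int{"alice": 100} // constructed starting state
	chain := []Block{Genesis()}
	chain = append(chain, Mine(chain[0], []string{"alice->bob:40"}))
	chain = append(chain, Mine(chain[1], []string{"bob->carol:10"}))
	fmt.Println(ValidateChain(chain, start)) // map[alice:60 bob:30 carol:10] <nil>
}
```

Difficulty is the knob the section talks about: raising it makes Mine run longer and winners rarer. The hash link is what makes history hard to rewrite: editing a confirmed transaction (say chain[1].Txs[0]) after mining makes ValidateChain fail at block 1, because the stored hash no longer matches the content, and every later block's PrevHash points at the old value. The example deliberately does not model network delay, so it shows only the rules each copy applies, not how quickly the copies converge.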
2. Blockchain applications
In this section I will present three of the use cases, which I believe may have a significant impact on our society and economy. This is by no means an exhaustive list, but rather a collection of examples with the goal of visualising the true potential of blockchain.
Let me start the analysis with a personal remark. I highly dislike the term cryptocurrency. In fact, I think it is inaccurate, and puts the emphasis on payment systems instead of censorship resistance and diversification. To be clear: We have many examples of well-functioning (mostly centralised) payment systems, and almost all of them are more efficient and less volatile than bitcoin. In short:
The currency or payment system aspect is definitely not bitcoin’s USP.
To make things even worse, the term cryptocurrency became absolutely meaningless when Facebook and partners announced their own “cryptocurrency” — the Libra. It seems many people fail to distinguish between the term digital currency and cryptocurrency, and they believe that anything that uses the term crypto is truly decentralised.
But let us put semantics aside and focus on what truly makes native blockchain assets, such as bitcoin, unique:
There is no counter party risk. You do not have to trust anyone or rely on any external promises.
You have the option to independently hold on to your assets. Your transactions cannot be blocked by anyone, and you can independently verify every single transaction and easily identify double spending attempts without having to rely on a central party.
You do not have to ask anyone for permission to own native blockchain assets. You may own them, even if you do not have access to the financial system.
The Bitcoin blockchain was the first digital system to achieve these three characteristics in combination. A careful observation reveals that the characteristics are in fact more reminiscent of physical assets, such as gold. This caused many people to argue that bitcoin may become the digital equivalent of gold. It would be presumptuous to claim that bitcoin has a status akin to gold — gold has been a store of value for thousands of years, while bitcoin just celebrated its 10th anniversary. However, when looking at the potential, there is a certain probability that bitcoin may assume a similar role, just as there is a certain probability that bitcoin will vanish. As always, diversification is key. Essentially, native blockchain assets like bitcoin can be seen as an alternative asset class that may protect the owner from certain states of the world with an otherwise undesirable outcome.
A public blockchain may store arbitrary information. In particular, the information is not limited to financial transactions. One of the most promising use cases for a public blockchain is the so-called proof-of-existence. It allows you to prove indisputably that a certain document (or any data for that matter) has existed at a specific point in time. The blockchain basically acts as a distributed public notary service.
The great advantage of this is that information can be notarised without having to reveal it publicly.
Instead of adding readable text to the blockchain, one can store a 256-bit cryptographic representation of the data, the so-called hash value, to the database. This hash value can be thought of as a digital fingerprint of the underlying data and can be recomputed later and compared to the blockchain entry by anyone in possession of the original document. The very large space of potential values and the seemingly random (yet deterministic) nature of these fingerprints prevents anyone who sees the hash value from guessing the corresponding source data. In summary: anyone who has access to the original data can verify the timestamp and the integrity. Anyone who does not have access to the data does not get any information from the hash value.
At the University of Basel, we secure course certificates on the blockchain, allowing anyone who has the diploma to verify if it was issued by the University of Basel and that it has not been tampered with. This is a vast improvement over the paper-based certificates that can be manipulated quite easily. The same process could be used to secure any document, including contracts, patents, and verified identification.
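As an added example (not the University of Basel's system, whose details the article does not give), this Go program models proof-of-existence: only a hash is registered, together with the registering pseudonym and a block timestamp, and whoever holds the original document can later recompute the hash to verify the date, the integrity, and which pseudonym anchored it. It goes beyond the article in one respect: it hashes a secret salt together with the document. That salt is the example's own addition and matters when the document has only a few possible contents (a certificate with a name, a degree and a year), because a hash of such a document alone could be matched against candidate contents. The document text, the issuer pseudonym and the timestamps are constructed.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Anchor is all that is written to the chain: the pseudonym of whoever published
// the fingerprint and the time of the block that confirmed it. The document itself
// never leaves its holder.
type Anchor struct {
	Issuer    string
	Timestamp time.Time
}

// Registry stands in for the blockchain: an append-only map from fingerprint to
// anchor. Once a fingerprint is anchored it can be neither re-dated nor removed.
type Registry struct{ anchors map[string]Anchor }

func NewRegistry() *Registry { return &Registry{anchors: map[string]Anchor{}} }

// Fingerprint is the 256-bit digest of a secret salt followed by the document.
// The salt stays with the document and is never published; it is this example's
// addition so that, for a document with few possible values, the public hash
// alone still gives away nothing about the content.
func Fingerprint(salt, doc []byte) string {
	h := sha256.New()
	h.Write(salt)
	h.Write(doc)
	return hex.EncodeToString(h.Sum(nil))
}

// NewSalt draws 16 random bytes for a fresh document.
func NewSalt() ([]byte, error) {
	salt := make([]byte, 16)
	_, err := rand.Read(salt)
	return salt, err
}

// Register anchors a fingerprint under an issuer's pseudonym at block time at.
// A repeat of the same fingerprint is ignored: the first anchor is the proof.
func (r *Registry) Register(fp, issuer string, at time.Time) bool {
	if _, exists := r.anchors[fp]; exists {
		return false
	}
	r.anchors[fp] = Anchor{Issuer: issuer, Timestamp: at}
	return true
}

// Verify is run by anyone holding the document and its salt. Success proves that
// the document existed at the anchored time, has not changed since, and was
// anchored by the expected issuer's pseudonym.
func (r *Registry) Verify(salt, doc []byte, expectedIssuer string) (time.Time, error) {
	a, ok := r.anchors[Fingerprint(salt, doc)]
	if !ok {
		return time.Time{}, errors.New("no anchor found: document unknown or altered")
	}
	if a.Issuer != expectedIssuer {
		return time.Time{}, fmt.Errorf("anchored by %q, not by %q", a.Issuer, expectedIssuer)
	}
	return a.Timestamp, nil
}

func main() {
	reg := NewRegistry()
	diploma := []byte("Certificate: A. Example, MSc, issued 2019") // constructed document
	salt, _ := NewSalt()
	issued := time.Date(2019, 6, 30, 12, 0, 0, 0, time.UTC) // constructed block time
	reg.Register(Fingerprint(salt, diploma), "university-pseudonym", issued)

	fmt.Println(reg.Verify(salt, diploma, "university-pseudonym"))
	altered := []byte("Certificate: A. Example, PhD, issued 2019")
	fmt.Println(reg.Verify(salt, altered, "university-pseudonym"))
}
```

On a real chain the issuer's pseudonym is the public key that signed the anchoring transaction, and the timestamp is the block's, so the "issued by" check reduces to checking which key published the hash. The holder must keep the salt alongside the document; losing it makes the anchor unverifiable, just as altering a single character of the document does.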
Even in the early days of bitcoin, people were looking for ways to trade other assets via a blockchain. One of the first ideas was to use “coloured” fractions of bitcoins, to which one could attach additional promises. An appropriate analogy is a 5 dollar bill on which someone writes a promise to deliver an ounce of gold. The 5 dollar bill could freely circulate with its associated promise. Instead of a 5 dollar bill, people simply used a fraction of a bitcoin as a container for the additional value. This approach has several drawbacks and is not widely used.
Most implementations use smart contracts to issue new tokens. These tokens are new IOUs that can be traded independently of the native blockchain asset. Most tokens are issued on the Ethereum blockchain, through the so-called ERC-20 standard. Non-fungible tokens (each is a unique item that only exists once) usually use the ERC-721 standard. Do not get confused by the term ERC and the number. This is simply the name of the standardised smart contract, and it refers to the original proposal.
A third way to issue tokens is through additional layers. OMNI (formerly Mastercoin) and Liquid are two projects that build on the Bitcoin blockchain and allow for the issuance of new assets on a second layer.
No matter how these tokens are created, they could lead to large efficiency gains and make assets more accessible.
Trade processes, including settlements, would be much more efficient; tokens could be securely traded through so-called atomic swaps and used in the Decentralised Finance ecosystem. In particular, they could be used in smart contracts, trigger interest or dividend payments, represent voting rights, or be used as on-chain collateral for loans. All of these applications are exciting and may lead to many new opportunities. However, the one thing tokenisation cannot solve is the counter party risk involved with external assets. If the issuer of the promise is unwilling or unable to deliver, the token will be worthless. We therefore need a good legal framework that removes as much of the uncertainty as possible.
In this article I have briefly described how blockchain works, what is unique about it, and where I see potential applications, namely native blockchain assets as potential portfolio diversification instruments, proof-of-existence, and the tokenisation of assets. I focused on permissionless and truly distributed blockchains, since I believe this is where most of the innovation potential is. This article is just a very short introduction to the topic. I recommend interested readers consult the referenced sources.
Antonopoulos A. (2017), Mastering Bitcoin: Unlocking Digital Cryptocurrencies (Second Edition), O’Reilly Media, Sebastopol, CA.
Berentsen A. & Schär F. (2017), Bitcoin, Blockchain und Kryptoassets: Eine umfassende Einführung, BOD, Norderstedt.
Berentsen A. & Schär F. (2018), A Short Introduction to the World of Cryptocurrencies, Federal Reserve Bank of St. Louis Review, 100(1), pp. 1–16.
Nakamoto S. (2009), Bitcoin: A Peer-to-Peer Electronic Cash System.
Omni Team (2012), Omni Protocol Specification (formerly Mastercoin), accessed 30/6/2019.
Rosenfeld M. (2012), Overview of Colored Coins.
Schär F. & Mösli F. (forthcoming), Blockchain Diplomas: Using Smart Contracts to Secure Academic Credentials, Journal of Higher Education Research.
Schär F. & Berentsen A. (2019), Bitcoin, Blockchain and Cryptoassets, MIT Press, Cambridge.