Blockchain login password
bitcoin, Ruitai coin, Laite coin, Ethereum and other digital cryptocurrencies all use blockchain technology
blockchain is an important concept of bitcoin, which is essentially a decentralized database and the underlying technology of bitcoin. Blockchain is a series of data blocks generated by cryptography. Each data block contains the information of a bitcoin network transaction, which is used to verify the validity of the information (anti-counterfeiting) and generate the next block.
whether it's the introction in the network, the answers given by everyone, or the simple and easy to understand introction, you may not really understand blockchain. It's recommended to read more relevant information to understand its landing application. Cryptofinance focuses on blockchain information
One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring a major security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can attack successfully only when they hold more than 51% token, which is more difficult than 51% computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring greater losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contract, and the other is to follow the principle of smart contract security development
the security development principles of smart contract are: to be prepared for possible errors, to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
The second is to check the hash value before installing the software to ensure that the digital wallet software has not been tampered with The third is to use cold wallet The fourth is to back up the private keythe private key is everything and must not be told to anyone
as long as there is a private key, you can re import the wallet and reset the wallet security password
a BTC account can have many addresses, so the least important one is the address. No matter how unimportant, you can't just tell others.
blockchain is composed of a series of blocks generated by cryptographic algorithm. Each block is filled with transaction records, and the blocks are connected in sequence to form a chain structure, which is the blockchain ledger
taking bitcoin as an example, when miners generate new blocks, they need to calculate the new hash value and random number according to the hash value of the previous block, the new transaction block and the random number. In other words, each block is generated on the basis of the previous block data, which ensures the uniqueness of the blockchain data
because subtle changes in transaction records will completely change the result of hash value, miners can't cheat when competing for computing power. Each miner must wait until the previous block is generated before starting to calculate the qualified random number according to the data of the previous block, which ensures the fairness of mining.
asymmetric encryption algorithm is a function that converts the original plaintext file or data into a series of unreadable ciphertext codes by using an encryption key. The encryption process is irreversible. Only holding the corresponding decryption key can the encrypted information be decrypted into readable plaintext. Encryption enables private data to be transmitted through the public network under the condition of low risk, and protects the data from being stolen and read by the third party
the core advantage of blockchain technology is decentralization, which can realize point-to-point transaction, coordination and cooperation based on decentralized credit in a distributed system without mutual trust by means of data encryption, time stamp, distributed consensus and economic incentive, so as to solve the high cost and low cost of centralized institutions Low efficiency and data storage insecurity provide solutions
the application fields of blockchain include digital currency, token, finance, anti-counterfeiting traceability, privacy protection, supply chain, entertainment, etc. with the popularity of blockchain and bitcoin, many related top domain names have been registered, which has a great impact on the domain name instry.
As an emerging technology, blockchain has attracted more and more attention. It is a new application of traditional technology in the Internet era, including distributed data storage technology, consensus mechanism and cryptography. With the establishment of various blockchain research alliances, more and more funds and personnel support related research. Hash algorithm, zero knowledge proof, ring signature and other cryptographic algorithms used in blockchain:
hash algorithm
as the basic technology of blockchain, the essence of hash function is to map a set of data of any length (limited) to a set of defined length data stream. If this function satisfies the following conditions:
(1) the calculation of hash value for any group of data is very simple
(2) it is difficult to find two different data with the same hash value
hash functions satisfying the above two properties are also called encrypted hash functions. In case of no contradiction, hash functions usually refer to encrypted hash functions. For the hash function, finding such that is called a collision. The current popular hash functions are MD5, SHA1, Sha2, Sha3
bitcoin uses sha256, and most blockchain systems use sha256 algorithm. So here's sha256< Step 1: additional filling bits. The length of the message is congruent with that of 448 mod512 (length = 448 mod512). The number of bits to be filled ranges from 1 to 512. The highest bit of the filled bit string is 1, and the rest bits are 0
Step2: additional length value. The bit length of the initial message (before filling) represented by 64 bit is appended to the result of step 1 (the low byte takes precedence)
Step3: initialize cache. A 256 bit cache is used to store the intermediate and final results of the hash function
Step 4: process 512 bit (16 word) packet sequence. The algorithm uses six basic logic functions and consists of 64 steps of iterative operation. Each step takes the 256 bit cache value as the input, and then updates the cache content. Each step uses a 32-bit constant KT and a 32-bit wt. Where WT is the packet after the packet, t = 1,2,..., 16
step5: after all 512 bit packets are processed, the output of the last packet of sha256 algorithm is 256 bit packet< In 2001, Rivest, Shamir and TauMan proposed ring signature for the first time. It is a simplified group signature, only ring members have no manager, and it does not need the cooperation between ring members. In the ring signature scheme, the signer first selects a temporary signer set, which includes signers. Then the signer can generate the signature independently by using his private key and the public key of others in the signature set without the help of others. Members of the signer collection may not know that they are included in it
ring signature scheme consists of the following parts:
(1) key generation. A key pair (public key PKI, private key ski) is generated for each member of the ring
(2) signature. The signer uses his private key and the public keys of any n ring members (including himself) to generate the signature a for the message M
(3) signature verification. According to the ring signature and message M, the verifier verifies whether the signature is signed by the member in the ring. If it is valid, it will be received, otherwise it will be discarded
ring signature satisfies the following properties:
(1) unconditional anonymity: the attacker can not determine which member of the ring generated the signature, even if the private key of the ring member is obtained, the probability is not more than 1 / n
(2) Correctness: the signature must be verifiable by all others
(3) unforgeability: other members of the ring can't forge the real signer's signature, and even if an external attacker obtains a valid ring signature, he can't forge a signature for message M
(1) anonymity. The verifier can verify that the signature is signed by a member of the group, but can't know which member it is, so that the signer can be anonymous< (2) traceability. In group signature, the existence of group administrator ensures the traceability of signature. The group administrator can revoke the signature and expose the real signer. The ring signature itself cannot reveal the signer unless the signer wants to expose or add additional information to the signature. A verifiable ring signature scheme is proposed. In this scheme, the real signer wants the verifier to know his identity. At this time, the real signer can confirm his identity by disclosing his secret information< (3) management system. Group signature is managed by group administrator, ring signature does not need to be managed, signer can only select a set of possible signers, obtain its public key, and then publish the set, all members are equalthe Xueshuo innovation blockchain Technology Workstation of Lianqiao ecation online is the only approved "blockchain Technology Specialty" pilot workstation of "smart learning workshop 2020 Xueshuo innovation workstation" launched by the school planning, construction and development center of the Ministry of ecation of China. Based on providing diversified growth paths for students, the professional station promotes the reform of the training mode of the combination of professional degree research, proction, learning and research, and constructs the applied and compound talent training system< br />