Cryptography for Cryptocurrency

Last year, Conrad Barsk’s Ethereum Meetup had 6 people, now it’s hard to find seating. The revolution has begun and you can feel it in these Meetups. If you haven’t gone to one yet, go. Or join the revolution in other ways: get on a cryptocurrency Facebook group, find a Slack channel, get active in a subreddit or just build something! One thing I found is the community is open and passionate. I filmed Conrad give his talk on Cryptography for Cryptocurrency at one of his Meetups. Video is above or skim the QnA below with Conrad:

What is cryptography?

Historically, cryptography is a method for sending hidden messages- One person encrypts a message using some sort of key and algorithm, the other person then can decrypt it.

What in the world does it have to do with cryptocurrency?

Most cryptocurrencies do not involve the sending of any secret messages, all their information involving transactions in cryptocurrencies like Bitcoin is public and hence there is no need to send “hidden messages” between parties. (However, some newer currencies like Monero or ZCash actually do try to hide transaction details and do use cryptography in the more traditional sense in order to hide information.)

Then why do we need cryptography with cryptocurrency? What purpose does it serve?

Some of the tools that were developed for traditional cryptography turn out to have other useful functions- The two most important of these are hashing and digital signatures. Therefore, even though neither of these involve the sending of “hidden messages” they’re still considered to be forms of cryptography.

Hashing is used by cryptocurrencies to efficiently verify the integrity of data- It’s a method for taking large amounts of data and systematically representing it as a short number that is difficult to replicate. Hashing is used heavily to maintain the structure of blockchain data, which holds people’s account balances. Also, it is used to encode people’s account addresses and as part of the process of encoding transactions between accounts. Finally, hashing is used to generate math puzzles that make “block mining” possible, a key feature in many cryptocurrencies. Hashing makes heavy use of block cyphers, a technology that was originally used for traditional cryptography.

Digital signatures allow a person to take a bit of secret information they own and to prove they own that information, without divulging it. Cryptocurrencies allow users to sign monetary transactions with these digital signatures to prove to the network that the owner of an account holding money agreed to a transaction to spend that money. Digital signatures, as used by cryptocurrencies, evolved from “Elliptic Curve Cryptography” which again is a technology that originally was used to create “hidden messages” as part of traditional cryptography.

ELI5 what cryptography does Bitcoin use and why?

Bitcoin uses an algorithm called SHA256 (also called SHA2–256) for organizing block data, for the block mining algorithm, and as part of the process for encoding transactions and user accounts (user accounts also use another hashing algorithm called RIPEMD-160)

Bitcoin uses the ECDSA elliptic curve algorithm for digital signatures.

What About Ethereum?

It, instead, uses SHA3 to organize block data, as part of the mining algorithm, and for encoding transactions and user accounts. (More specifically, a variant of SHA3 called SHA3-Keccack) It still uses ECDSA for digital signatures, as with Bitcoin.

Something interesting I learned in your talk is if you send money to an Ethereum address that does not exists, you lose it. Why?

As we mentioned, cryptocurrencies use hashing as part of the process of generating account addresses- In the case of Ethereum, these account addresses are 20 bytes long, and theoretically any 20 byte string could be a valid ethereum address, depending on the result of the hashing step: The ethereum network has no intrinsic way of knowing if a certain address was mistyped, and hence it’ll let you send money to a nonsense account address such as “0x0000000000000000000000000000000000000000” if you ask it to. If you do this, your money essentially falls into a “black hole” and nobody will ever be able to recover it again.

Thankfully, this problem has been mitigated somewhat recently through a new feature named “mixed-case checksum address encoding” that will allow programs to generate an error for most forms of mistyped address.

WTF are Merkle trees and should I care?

Merkle trees are a technique involving hashing that allow you to prove to another person that a large file contains a small piece of data, without the other person needing a full copy of this data.

You should care because Merkle trees allow cryptocurrencies to run efficiently on constrained hardware devices like cell phones, and allow smart contracts (part of the ethereum system) to interact with large data structures. Since both cell phones and smart contracts are likely to play a big role in the future, you’ll likely hear a lot more about merkle trees in years to come.

Update 2020: I have a new crypto investing app called Prospero.
Prospero is gamified DEFI and cryptocurrency investing.
Please visit the link and check it out. I would love to hear what you think about it.