The blockchain – usually you think of a Bitcoin first or even exclusively. But actually a blockchain is initially only a decentrally stored, arbitrarily expandable list of records that are cryptographically secured so that they can not be changed or deleted after saving. The records stored in the blockchain may consist of anything and are by no means limited to cryptocurrency transactions. But let’s start at the beginning, the Blockchain has not fallen from the sky, but builds on previous developments.

A little history

In 1991 , Stuart Haber and W. Scott Stornetta published a procedure to use timestamps to ensure that the release date or time of the most recent digital data change can neither be backdated nor postdated. In 1992, Dave Bayer, Stuart Haber, and W. Scott Stornetta expanded this process by using hash trees (sometimes referred to as Merkle trees by their inventor) so that various documents can be grouped together in one block, which then has a timestamp receives .

Hash trees consist of hash values, as the name implies. The leaves are hash values ​​of data blocks such as For example, files. Higher up in the tree are hash values ​​of their children; the root of the hash tree is called root hash, top hash or master hash. This root hash can be used to check whether a given tree is unchanged. If the root hash comes from a trusted source, the rest of the tree can also be obtained from an untrusted source; If the root hash of the tree does not match the trusted value, the tree has been manipulated and must not be used. The advantage of the hash tree over a hash list is that each branch of the tree can be individually checked for integrity.

In 1996, Ross J. Anderson presented the Eternity Service , which prevents the censorship of electronic documents. The idea: The documents are stored on a large number of computers, eg. As the Internet, distributed. Crypto processes detect copies of copies. In 1998, Bruce Schneier and John Kelsey described a method to use crypto- methods to keep secure logs on untrusted machines.

In 2008, the concept of Bitcoin and Blockchain as a distributed database management system was described in a paper . Whether the author of the paper, Satoshi Nakamoto, is a real person, a pseudonym or even a group of people is not known. The first implementation of Bitcoin software and thus the first blockchain used was released the following year.

The security of the blockchain

Because each block contains the hash value of the header of its predecessor, the blocks are linked together and protect each other from both random changes, e.g. B. by memory or transmission errors, as well as against targeted manipulation. If the data stored in a block subsequently changes, its hash will also change, causing it to no longer match the value stored in the next block.

In addition, the predecessor hash is part of the header and thus also flows into the calculation of its own hash value, which is stored in the header of the next block. To be able to manipulate the data unnoticed in an existing block, therefore, the entire block chain would have to be recalculated starting from this block. This is theoretically possible, but on the one hand this would be noticeable in a decentralized blockchain, and on the other hand, the further the block to be manipulated lies in the history of the blockchain.

Establish consensus in the network

The blockchain is based on a P2P network. Therefore, there must be a regulation that determines how a new block is appended to the chain. It would be quite unfavorable if several people at the same time attach a new block to their local version of the blockchain and then distribute it. Which version would be the right one? And what happens to the “wrong”? For attaching new blocks, therefore, a consensus procedure is used. The best known is the so-called proof of work, which also increases security.

Proof of work

In the proof of work, the person may contribute a certain block, which is a task i. A. a cryptographic puzzle, first to solve. For this example, it is required that the hash value of a valid block obeys a certain rule, eg. B. that it is not greater than a specified upper limit. Now the hash value is always the same over the stored hash values ​​and the timestamp. And this is where the nonce value comes into play: it must be changed until the hash value, which is recalculated with each new nonce value, satisfies the rule. Unless the hashing algorithm used contains a vulnerability, the only way to calculate a valid block (= hash value) is to try and pass values ​​until it fits. If you first present a valid hash value, you can attach the block to the blockchain – and usually get a reward for it.
Valid is always the version of the blockchain into which most of the work has gone.

The 51 percent attack

The proof of work is a possible attack to manipulate an existing block. If the attacker owns more than half of the computing power used for mining, he can calculate an alternate history, which then becomes a reality. And then it would be possible, for. B. to spend money twice; or whatever else the attacked Blockchain offers for manipulation.
Further approaches

The Proof of Work approach has one major drawback: it consumes vast amounts of energy. But there are also more environmentally friendly approaches, which are presented below.
Proof of Stake

An alternative approach to granting block privilege is called a proof of stake. The probability of generating a valid block does not depend on the computing power used, but on how long the user is a member of the network or how much of the crypto currency he owns. Who z. B. has one-third of all coins has a chance algorithm of a chance of one to three to create a new block.

Proof of Authority

Another concept is that only certain, trusted users are allowed to create new blocks. For example, hospitals could use a blockchain to track infections in a particular area. Each hospital then receives its own signature key, which authorizes the creation of new blocks. Doctors or health insurance companies could then understand the data, but attach no own data to the block chain.
However, this approach contradicts the very concept of blockchain that there is no central place and everything is organized decentrally.

From theory to practice

This is just the basic operation of a blockchain. For an application still missing some important building blocks: Someone must check yes, whether the stored data are also correct, thus whether the demanded transaction for example really should take place. And somebody has to calculate the hash values. Both depend on the particular application and the best known will be in the next section.

Bitcoin and Co.

A basic problem of digital currencies is their ease of copying: Digital data and thus a digital coin can be copied as often as you like. For a long time, the solution to this problem was that a trusted central authority oversees the path of each coin. I. A. refrains because they have no advantages to the normal money and banking system.

Bitcoin and other cryptocurrencies – for simplicity’s sake, I’ll use Bitcoin as a label – should do without a trusted third party. So a way had to be found to prevent multiple spending without coordination. The solution is to keep public accounts in the blockchain. It contains all the transactions that have ever taken place, so that it can also automatically read out how many Bitcoins a certain user owns. The user is only identified by his Bitcoin address. As long as he does not identify himself outside the Bitcoin system, this user can not be assigned to a real person.

The Bitcoin Blockchain

The blockchain is stored and managed in a peer-to-peer network. The nodes of the network are managed by the so-called maintainers. The users of the cryptocurrency, who themselves do not need to be maintainers, access the P2P network with a client called a wallet and execute transactions there.

The wallet can be either software on the user’s machine, or an independent hardware wallet. But this is just a specialized mini-calculator that runs a wallet software. There are also wallets as web applications – but why trust third parties to manage their wallets?

When set up, the wallet generates a public key pair. The private key protects the bitcoins contained in the wallet. Who owns it, can spend the bitcoins. The already mentioned Bitcoin address is a fingerprint of the public key. When a user wants to output bitcoins, his wallet sends a transaction message with the information to the bitcoin network as to how many bitcoins he wants to transmit to which bitcoin address. So that no one can carry out transactions on behalf of a third party, thereby the Public Key procedure is used: Only by the user with his private key signed transactions are executed in its name.

When a node receives a transactional message, the computer automatically checks, based on the locally stored blockchain, whether the sender really owns the mentioned amount of bitcoins. If so, and some other criteria are met, the transaction is valid and will be forwarded to all reachable nodes. This process repeats until the message has been propagated across the network.

With the dissemination of the transaction message, the transaction itself has not yet been completed. For this purpose, it must be recorded in the blockchain, only then can the receiver have the bitcoins. Since this can take some time, Bitcoins are only partially suitable as an instant means of payment.

So the transaction comes in the blockchain

Certain maintainers, the miners, collect the transactional messages and group them into a block attached to the blockchain. Because it would cause great chaos if everyone did freely at will, each block (as described above in the Proof of Work) must meet a validity criterion, namely a hash value below a certain upper limit. At present, it is required that the first 18 digits of the hash value are 0.

This criterion makes the mining of a valid data block extremely expensive. If you first calculate a valid hash value, you can attach the block to the blockchain. For the calculation of the hash value, the miners are rewarded with a certain number of new bitcoins, currently 12.5. The successful miner has thus “scratched” 12.5 new Bitcoins through his computing work.

In addition, the miners will receive transaction fees from the clients for the transactions. The more the client pays for entering the transaction into the blockchain, the faster his transaction is processed.

Where are the bitcoins?

If you’re wondering where to see your own bitcoins now, I have to disappoint you. It does not exist at all, at least not in its own form. There are also no Bitcoin accounts that show the user’s credit. The “credit” displayed by the wallet is simply the credit received for its own Bitcoin address that has not yet been reissued.

An example of a transaction

Let’s say Alice has transferred 5 Bitcoins to Bob. A part of it, z. Bob wants to transfer to Carol, for example, three Bitcoins. To do this, he creates a transaction that must contain the following data:

• Bob’s public key as sender,
• Carol’s Bitcoin address as the recipient
• and the amount of three bitcoins to be transferred.

This transaction then signs Bob with his private key so that it can not be tampered with. He then sends it to the Bitcoin network. Bob’s Bitcoin address can be calculated from the public key so that it can be checked in the blockchain whether he actually received the amount to be transferred in advance and has not yet reissued it.

After reviewing this transaction and adding it to the blockchain, Bob can only have two bitcoins from the Alice transaction, but Carol now owns three bitcoins from the Bob transaction.

And what are the bitcoins now worth?

Nothing at all, because the bitcoins have no material value. Although much energy is wasted on their production, it is gone without there being any material equivalent. As a comparison, I like to take aluminum blocks. Their production is also extremely energy-consuming, but then you have at least something in the hand that you can further process.

Strangely enough, you can pay something with Bitcoins and even exchange them for real money. So they have a value. And they are always worth as much as someone is willing to pay for it. So far, this works: there are always people who are willing to spend more real money (or equivalent in value, etc.) for bitcoins than the previous owners have paid or used as a miner.

Whether this always stays that way is not said. Do you know these more or less colorful paper slips with values ​​such as “1,000 million marks,” which can be bought at flea markets?

They were also worth something, as emergency money during the hyperinflation in 1923. In the meantime, you can not even use them as a smear paper because both sides are printed.

Let’s just wait for bitcoins; Maybe they will be successful in the long term as a barter object. Because more money is not really, a barter object. In the past you used to pay with shells, then with real gold, now with printed paper and numbers on account statements.

Other applications of blockchain

But let us now turn to other uses of blockchain. One possibility is so-called smart contracts.

Smart Contracts

In general, smart contracts are computer protocols that depict or verify contracts. Smart Contracts technically depict the logic of the contractual arrangements, allowing automatic verification of compliance. Smart Contracts seeks to increase contract security over traditional contracts while reducing the cost of transactions as much as possible.

In principle, smart contracts are executable program code, usually in the form of an if-then condition: as soon as an event with direct reference to a contract content has occurred, an associated action is triggered. A smart contract for a car purchase could, for. B. automatically unlock the digital car key for the buyer after the agreed purchase amount has been received in the account of the seller. In the case of installment payments, the car could be automatically locked if there is no payment, etc.
Smart contracts for insurance

A practical application of smart contracts with a blockchain are the insurance against flight delays, which are sold by the insurance company AXA at ​​https://fizzy.axa and which automatically pay off in the event of a delay.

When booking the insurance, all necessary data is stored in an Ethereum Blockchain. The actual and target landing times of all insured flights are automatically reconciled by the insurance calculator. If an insured flight arrives late, all insured passengers are automatically identified and the insured amount is paid to them. The insured does not have to request, complete and return the claim form, submit any confirmations, and not wait for the agent to release the claim.

Smart Contracts with backdoor

However, smart contracts have one caveat: they are code, and code can contain vulnerabilities. Or deliberately built-in backdoors, which cause the smart contract does not behave as the contractors expect it. Or how one of the contractors expects it, if the other has manipulated the code so that z. B. decisions are taken to his advantage.

In 2017, the 1st Underhanded Solidity Coding Contest was held, with the aim of formulating a smart contract that looks harmless but actually contains hidden features. After all, the result was 23 submissions, all of which somehow ensure that one of the contracting parties benefits without being noticed at first glance.

Supply Chain meets Blockchain

The blockchain could also be used to monitor supply chains, as a case study shows . Once caught, fish or seafood will be fitted with IoT-enabled sensors. The sensors continuously send data such as time and position as well as temperature to the blockchain, as well as logging transits throughout the supply chain; that could be z. B. look like this:

• Register the fish after catch by the fisherman
• Sale of the fish from the fisherman to the fishmonger
• Logging of IoT telemetry and temperature during transport
• Sale of the fish from the fishmonger to the restaurant
• Logging of IoT telemetry and temperature during transport
• Processing of the fish, sale of the finished fish dish to a restaurant guest

The guest can then trace the path of “his” fish back to the fisherman, checking that the fish is fresh and that the cold chain has not been interrupted at any point.

Likewise, the path of a fish from catch to frozen fillet in the supermarket or whatever. And of course, the same applies to all other types of supply chains. You could z. For example, the packaging of hard drives is equipped with IoT-capable acceleration sensors to check whether they may have been handled too rudely during transport and therefore premature wear is to be expected.

The blockchain becomes mobile

The automakers BMW, Ford, General Motors and Renault, together with suppliers, insurance companies and other companies, set up a new consortium in early May 2018 to promote the use of blockchain technology in vehicles and traffic engineering: the mobility open blockchain initiative ( mobi ).

Above all, mobi has an advantage in my view: if the manufacturers work together and everyone no longer cooks their own soup, then in the end something might come out that benefits all drivers, and not just those of a certain brand. Because approaches to use the blockchain in the mobility sector, there are already several. Only these were always isolated solutions of individual manufacturers. So there are z. B. Try to equip cars with their own wallets , so they z. B. parking fees or pay the charge for e-cars automatically and independently. Since it would be extremely convenient if this works everywhere and with all vehicles, and is not limited to specific vehicles in certain parking lots.

Running! Not right! Depends on!

In the financial industry, the initial euphoria over the blockchain as technology has already flattened again . Switching off middlemen, accelerating transactions, cutting costs – everything does not work as well as expected. Partly you promised too much (or promise), you just wanted to be part of the hype.

But that could have been easier, as the American iced tea maker Long Island Iced Tea Corporation has proved. He changed his name to “Long Blockchain Corporation” in December 2017 and announced his intention to focus on exploring and investing in blockchain technologies in the future. But that is all still in a very early stage, parallel you will continue to operate the iced tea production as a subsidiary. This “We’ll do something with Blockchains, maybe, sometime and somehow,” was enough to drive up the Corporation’s stock price.

Malware in the blockchain

At the Black Hat Asia 2015, Christian Karam of the Research and Innovation Sub-Directorate of INTERPOL and Vitaly Kamluk of the Kaspersky Lab warned against malicious software in Blockchain, especially Bitcoin. Although no malicious code can be injected via the blockchain because it is not executed (although it would be possible to exploit an exploit for a vulnerability in Wallet or other Bitcoin software), it could, for B. serve as a command-and-control channel, or to disseminate extensions for already introduced elsewhere on the computers pests. The problem with this: Since the blocks of the blockchain can not be subsequently changed, no harmful content can be deleted from them.

Already in 2014, a joke biscuit entered the virus signature of the DOS virus Stoned in the Bitcoin Blockchain, whereupon at least Microsoft’s anti-virus program Security Essentials has sounded the alarm . This was of course complete nonsense, because on the one hand was a boot sector virus that can attack only floppy disks, but no files, and on the other hand, he was not even complete, but only available as a signature. But it’s great that the virus scanners are still fending off attacks by 25-year-old pests. Nonetheless, the example shows that such an attack could well paralyze the blockchain.

Conclusion

Let’s be clear: The Blockchain is a special type of database, similar to the general ledger of accounting, in which all the cash flows of a company are recorded. Therefore, the blockchain in English sometimes referred to as a ledger. And you could also consider it as a kind of “eternal logbook”, which depending on the implementation gets by without a trustworthy central office. And this database is tamper-proof and can do without a trustworthy instance.

This solves many problems, such. For example, the duplication of cryptocurrencies or the tracking of supply chains. Other, such. The protection of privacy, but again not: Bitcoin users are protected by pseudonyms, but they can be resolved in the evaluation of all transactions of a user under certain circumstances.

You can do a lot of interesting things with the Blockchain. But in the meantime, for my taste, it is too often touted as a panacea for all problems. Some proposed solutions are only due to the hype. You just want to do something with the blockchain because that’s what everyone is doing – even if it’s not really necessary or even counterproductive, because it would be way too elaborate and complicated.