All posts by Steve Bailey

8 Fun Facts about Bitcoin

So everyone knows the standard stuff about Bitcoin.  Today, I thought I'd take a break from the standard "how to make money" with Bitcoin stuff and give you 8 fun facts about our favorite cryptocurrency. Use these to impress your friends at the next party you go to.

1. Golden Toppings

bitcoin pizza

The first official purchase using Bitcoin was for Papa John’s Pizza in 2010. Laszlo Hanyecz paid 10,000 Bitcoin for two pizzas, worth $41 at the time.

I wonder how he feels now that it would be worth $40+ Million? (Probably more by the time you read this).

I wonder even more if Papa John kept them?

Golden toppings indeed, well, if the pizza was topped with 950 kilograms of gold.

2. High School Kid Made $1 Million on Bitcoin

Erik Finman, an american lad who dropped out of high school early, decided to start investing in Bitcoin when it was worth $12. He now owns 403 Bitcoin, worth around $1.09 Million.

Not bad for a high school dropout...

Erik Finman

3. Cryptically Creative, or Plain Nonsense??

Anagram

The phrase “Bitcoin Creator, Satoshi Nakamoto.” is an anagram of “Cash Miner, too basic to knot a ratio.”

A clue to the creator’s real identity, a hint as to the real intention of it’s creation, or complete internet nonsense.

I’ll let you decide.

4. Bitcoin is Projected to Reach One Million Dollars in 10 Years

bitcoin price in 10 years

There are plausible predictions from influential experts, including Erik Finman, who say Bitcoin may well be worth $500k - $1M within 10 - 15 years.

If this is the case, then we still have a long way to go.

Buckle up people.

5. Bitcoin Mining is Profitable Only With a Supercomputer

Chinese Bitcoin Mining Farm

Is bitcoin mining worth trying? The short answer is no. Not because it’s difficult. All you need for the process is a computer.

The problem is the power.

To attain Bitcoin, miners use special software to solve math problems and are issued a certain number of bitcoins in exchange. This provides a smart way to issue the currency and also creates an incentive for more people to mine. Easy right?

But this takes power, and a lot of it. For small time players, it is simply not profitable enough. The cost of the power consumption makes it a difficult business to be in. Not to mention that bitcoin’s mining difficulty is increasing constantly!

Unless you get free electricity, I’d strongly advise against it.

6. Power Struggles

Speaking of electricity… As of July 2017, Bitcoin mining ranked 71st in the highest power usage worldwide. That’s more than all of Iceland.

7. The End of Bitcoin is Near?

BItcoin 21 million in existence

I’m kidding. Bitcoin is in its infancy. However, it was predicted in February 2017 that in 2018 80% of all Bitcoin will have been mined.

Think about it though, what happens when all 21 Million Bitcoin have been mined? Unless we see major changes to the original Bitcoin protocol then Bitcoin becomes even more valuable.

Diamond in the rough?

8. Could Satoshi be Hiding in Wait?

Satoshi Nakamoto

Wallets linked to the original coins, mined in the first days of it’s existence, are all linked to the anonymous person, or group, called Satoshi Nakamoto.

These wallets hold roughly 1 Million Bitcoin.

THAT’S OVER $4 BILLION!

There is a theory that these wallets, which hold 4.8% of all Bitcoin, could come back into circulation when there is no more to mine.

The Bitcoin reserve, if you will ?

Continue reading

What Is A Bitcoin Wallet?

If you want to know how to move money around in the cryptocurrency world, you have to know what a wallet is. In this video, I try to explain what a bitcoin wallet is, why you have many of them, and how to move money around between them.

If you are just getting started, go to http://mybtcjourney.com/getcoinbase and download the coinbase app on your phone (or set up an account on your PC) to buy your first Bitcoin. If you use my referral link, you get $10 worth of free Bitcoin after you purchase $100 of it.

Download Exodus here: http://exodus.io

Check out the Trezor Hardware Wallet: http://mybtcjourney.com/trezor

Or the Ledger Hardware Wallet: http://mybtcjourney.com/ledger

If you want to step your game up, take a look at http://btcresiduals.com. This is a tool I’m using to auto trade my bitcoin and grow my holdings without increasing my investment.

Continue reading

What Do I Need To Know To Buy And Sell Bitcoin?

You can get lost in the details of Bitcoin or you can watch this video and learn just what you need to invest some money in it and ride the rocketship with the rest of us.

Get a coinbase account by using this link and get $10 free dollars worth of bitcoin when you buy $100 worth: http://mybtcjourney.com/getcoinbase

If you want to step your game up and compound your bitcoin holdings, you can check this out too: http://btcresiduals.com

Continue reading

My Bitcoin Mining results after 24 hours

So if you saw my post yesterday, you know that I stared a mining experiment.  The mining has been going for 24 hours straight and here are my results:

The mining pool that I’m participating in will find the most profitable coin to mine at that particular time.  This is why I’m mining several different coins.  However, the pool also shows you the monetary equivalent of all coins converted to bitcoin.  In the lower right hand corner, you can see the value of all my mining operations is 0.00006279 BTC.

At the time of this writing, 1 bitcoin was worth $1926.27.  This means that my mining operation generated a whopping $0.12 USD in bitcoin equivalent cryptocurrency.  Not a lot of money, to be sure but let’s take a look at the power I consumed during that time…

If you remember, my rig is drawing approximately 11.1 Watts.  Over the course of 24 hours, that’s 0.2664 Kilowatts.  My electric company charges me approximately $0.07 per Kilowatt.  This means I spent approximately $0.018648 in power consumption.  That’s $0.101352 in profit for 24 hours.  Not going to move to Tahiti on that but let’s scale this a bit.

$0.101352 per day x 364 days a year = $36.89 in profit over the course of 1 year.

Now let’s run that through our USI Tech account to see how much money that means in the course of 1 year if we use the USI Tech system to compound our money.

Because USI Tech operates exclusively in Bitcoin, we’re going to go back to our original mining amount of 0.00006279 per day.  Remember, that’s a bank breaking $0.12 per day or $43.68 per year (not excluding power costs).

Because the price of 1 USI Tech package is based on the BTC equivalent value of 50 Euros, when the price of bitcoin is low (as it is today) the price of a USI Tech package is more.  When the BTC price increases, the price of a USI Tech package decreases.  However, today, the price is 0.03049.

Now, we only have 0.00006279 in our account after 24 hours or 0.02285556 after 1 year, we will not be able to purchase a package after 1 year on mining alone.  The purpose of this exercise is to show you the power of the USI Tech trading and compounding system.  So we will do the math based on 1 package and then divide that result by 74.9% (The amount of a package we would be able to purchase after 1 year).

So, let’s run it through the calculator. Since USI Tech packages are contracts that expire after 140 trading days (Monday – Friday) that would equate to 261 trading days in a year.  USI Tech says they will provide 1% return on capital for 140 days or 140%.  So if we buy 1 Bitcoin, after 140 trading days (or 261 calendar days), we will have 1.4 Bitcoin.  USI Tech also has the ability to roll your profits (or compound them, depending on your language) into purchasing additional packages.  So once you have enough profit to make another package purchase, USI Tech will do it automatically for you. The calculator takes this into consideration.

OK, enough chit chat.  Here’s the math:

So, a single package purchased today at 0.03049 BTC would net a return of 0.041699269041599 BTC.  In USD this means $58.69 worth of Bitcoin would be worth $80.27 assuming Bitcoin held it’s current value and didn’t go up or down 1 year from now.

So, let’s back track this into our mining endeavours…

At the end of a year, we would have 74.9% of what we need to purchase 1 bitcoin package.  If we were able to buy fractional packages, our 0.02285556 Bitcoin would be worth 0.0312327525121577 BTC.  In USD this means that our $43.68 would be worth $60.12.  And our power investment is only $36.89 over the year.

Nothing crazy to break the bank but it does prove that mining is still profitable today.  And when you combine that with the power of compounding capital at USI Tech, there is the real potential to make money with little effort on my part.

Continue reading

Trying My Hand At Scrypt Mining

So, I’ve spent the last several days just sitting back and watching my USI Tech account accumulate value.  Since I have some spare hardware lying around, I thought that today I’d try some crypto mining and see what happens.  Now I’m not deluding myself into thinking I’m going to make a ton of money doing this.  I’ve known for a long time that mining for cryptocurrency is an uphill battle against the big mining farms all over the world where the electricity prices are ridiculously cheap. So let’s dig in.

There are plenty of sites that talk about mining bitcoin and mining altcoins so I will give you my simple definition.  If you want a more detailed explanation of what’s going on, you can search google. In a nutshell, mining involves using a computer (or dedicated hardware) to solve a complex math problem.  If you solve it, you are awarded a small amount of the coin you are mining for. There are two basic algorithms used by all the miners in the world. The first is primarily used for Bitcoin and that’s SHA-256.  The one I’m focusing on today is used by most altcoins and that’s scrypt.  Different hardware is used for each algorithm so it’s rare to have a single hardware solution that mines for both SHA-256 and scrypt currencies.

I’m focusing on scrypt mining today for two reasons. First, most altcoins can still be profitable in the right conditions.  You determine whether or not it’s “profitable” to mine based on how many coins you can mine per day and the amount of electricity it takes to mine those coins.  If you can make more money than it costs to power the unit, it’s a profitable venture. Second, I have some spare hardware lying around that is capable of mining scrypt.

So, to get started, here’s a list of all the items I’m using:

  • Gridseed ASIC Miner – It’s old and there are better units available but if you just want to experiment, you can pick one of these up on eBay for around $50
  • Raspberry Pi Starter Kit – One of the coolest little computers you will find anywhere. So versatile.  If you get tired of mining, you can use it for a lot of other fun little projects
  • P3 P4400 Kill A Watt Electricity Usage Monitor – This useful little device shows you how much power you are using.

You will want to plug the Gridseed and the Raspberry Pi into a power strip and plug the power strip into the Kill A Watt so you can see how much power you are using to do the mining.

Setting it all up

Configuring the Raspberry Pi

OK, this is going to get a bit technical but this is a step by step guide to getting the Gridseed miner working with a Raspberry Pi in 2017. Most documentation on setting up this ancient piece of hardware are several years old and the links are all dead now but I did find this guide which seems to be working so far. I’m going to walk through this and document the process.

  1. Download NOOBS – Just like with any computer, the Raspberry Pi needs an Operating System (OS) to run. From my laptop, I went to the Raspberry Pi official website and downloaded the NOOBS installation package.
  2. Install NOOBS – I’m a big believer in not reinventing the wheel.  The folks over at the official Raspberry Pi website have put together some great instructional videos on how to install NOOBS. Check out their training video page here.
  3. Once NOOBS was installed, you come to the desktop screen below.  Press Ctrl-ESC (unless you have a mouse connected, which I do not) to open the Raspberry menu
  4. Click Preferences / Raspberry Pi Configuration
  5. Change the Pi to boot to CLI mode (since we don’t need the GUI to run mining).
  6. Do a shutdown / restart to reboot in CLI mode.  If you changed nothing else, it should automatically log in as the default user, pi.
  7. If you’re using a wifi adapter, you have to do the following steps as well:
    1. sudo vi /etc/wpa_supplicant/wpa_supplicant.conf
    2. Add the following:
      network={
      ssid=”your SSID”
      psk=”your SSID password”
      }
    3. Reboot the pi and type ‘ifconfig’ to get the IP address of the unit.  If you don’t care what the IP address is, you’re done.  If you want to manually set the IP address, continue to the next step.
    4. sudo vi /etc/network/interfaces
    5. Add the following:
      iface wlan0 inet static
      address 192.168.1.30
      netmask 255.255.255.0
      gateway 192.168.1.1
  8. Now your Raspberry Pi is online, on the network, and ready to be configured as a mining node

Installing CGMiner on the Raspberry Pi

  1. Use a tool like Putty to connect to your Raspberry Pi (in my example I’ll be connecting to 192.168.1.30 using the default user, pi)
  2. Once you’re in, you should be able to detect the Gridseed when you ssh into it and type lsusb command:
    pi@raspberrypi16:~/cgminer-gc3355 $ lsusb
    Bus 001 Device 006: ID 0483:5740 STMicroelectronics STM32F407
  3. Now that your device is connected and ready to go, let’s get the mining software. There is a fork of cgminer, that is specifically designed for the Gridseed that we will use. Let’s go clone it.
  4. Install git:
    $ sudo apt-get install git
  5. You need to install these packages:
    $ sudo apt-get install libncurses-dev libcurl4-openssl-dev libudev-dev
  6. Clone cgminer:
    $ git clone https://github.com/dtbartle/cgminer-gc3355.git
  7. Build cgminer:
    $ cd cgminer-gc3355
    $ ./configure -enable-scrypt -enable-gridseed
  8. Go grab a cup of coffee. This might take awhile to configure.
  9. What you are looking for is that GridSeed.ASIC is enabled.  If it is, type ‘make’ to finish the build.  Go get another cup of coffee:
  10. To use the cgminer binary to run against your mining pool, you’ll need to launch it with sudo, since it needs access to the USB device.
    I am mining multipool.us. Here is an example of the scrypt:

    $ sudo ./cgminer –scrypt -o stratum+tcp://us-east.multipool.us:7777 -u username.threadid -p x –gridseed-options=baud=115200,freq=888,chips=5

    Be patient.

    You should see some output from the cgminer:

Setting CGMiner to Autostart on Reboot

Once you’ve verified that your miner is working (log into the pool’s website and make sure your worker threads are being identified), you can set the miner to start on reboot.

  1. sudo vi /etc/rc.local
  2. Add the following at the bottom of the file (but above the exit 0 line):
    /root/cgminer –scrypt -o stratum+tcp://us-east.multipool.us:7777 -u username.threadid -p x –gridseed-options=baud=115200,freq=888,chips=5
  3. Save the file and reboot your Pi.  If you did it right, your mining pool’s website should still show your worker threads

    Check Power Draw

    Shut down the Raspberry Pi and plug everything into a power strip and plug the power strip into the Kill A Watt. Record how much power you are consuming while mining.  As you can see, in my system, I am consuming about 11 Watts of power while mining.  That’s the beauty of mining with a Raspberry Pi.  I may not be getting massive money quickly but I’m also not spending a lot in power either.

  4.  

At 11 Watts, I will draw 0.011 kW/h.  Over the course of a year that would be 96.36 kW of power.  At my current rate of approximately 0.07 per kW/h running this all year, 24×7 will cost me $6.74.  If I can generate more than $6.74 of AltCoin over the year then this will be a profitable venture.  I will post progress every so often.

Continue reading

The Math Behind Bitcoin

This article is reprinted (with permission) from chain.com:


One reason Bitcoin can be confusing for beginners is that the technology behind it redefines the concept of ownership.

To own something in the traditional sense, be it a house or a sum of money, means either having personal custody of the thing or granting custody to a trusted entity such as a bank.

With Bitcoin the case is different. Bitcoins themselves are not stored either centrally or locally and so no one entity is their custodian. They exist as records on a distributed ledger called the block chain, copies of which are shared by a volunteer network of connected computers. To “own” a bitcoin simply means having the ability to transfer control of it to someone else by creating a record of the transfer in the block chain. What grants this ability? Access to an ECDSA private and public key pair. What does that mean and how does that secure Bitcoin?

Let’s have a look under the hood.

ECDSA is short for Elliptic Curve Digital Signature Algorithm. It’s a process that uses an elliptic curve and a finite field to “sign” data in such a way that third parties can verify the authenticity of the signature while the signer retains the exclusive ability to create the signature. With Bitcoin, the data that is signed is the transaction that transfers ownership.

ECDSA has separate procedures for signing and verification. Each procedure is an algorithm composed of a few arithmetic operations. The signing algorithm makes use of the private key, and the verification process makes use of the public key. We will show an example of this later.

But first, a crash course on elliptic curves and finite fields.

Elliptic Curves

An elliptic curve is represented algebraically as an equation of the form:

y2 = x3 + ax + b

For a = 0 and b = 7 (the version used by Bitcoin), it looks like this:

Elliptic curves have useful properties. For example, a non-vertical line intersecting two non-tangent points on the curve will always intersect a third point on the curve. A further property is that a non-vertical line tangent to the curve at one point will intersect precisely one other point on the curve.

We can use these properties to define two operations: point addition and point doubling.

Point additionP + Q = R, is defined as the reflection through the x-axis of the third intersecting point R’ on a line that includes P and Q. It’s easiest to understand this using a diagram:

Similarly, point doublingP + P = R is defined by finding the line tangent to the point to be doubled, P, and taking reflection through the x-axis of the intersecting point R’ on the curve to get R. Here’s an example of what that would look like:

Together, these two operations are used for scalar multiplicationR = a P,defined by adding the point P to itself a times. For example:

R = 7P
R = P + (P + (P + (P + (P + (P + P)))))

The process of scalar multiplication is normally simplified by using a combination of point addition and point doubling operations. For example:

R = 7P
R = P + 6P
R = P + 2 (3P)
R = P + 2 (P + 2P)

Here, 7P has been broken down into two point doubling steps and two point addition steps.

Finite Fields

A finite field, in the context of ECDSA, can be thought of as a predefined range of positive numbers within which every calculation must fall. Any number outside this range “wraps around” so as to fall within the range.

The simplest way to think about this is calculating remainders, as represented by the modulus (mod) operator. For example, 9/7 gives 1 with a remainder of 2:

9 mod 7 = 2

Here our finite field is modulo 7, and all mod operations over this field yield a result falling within a range from 0 to 6.

Putting it Together

ECDSA uses elliptic curves in the context of a finite field, which greatly changes their appearance but not their underlying equations or special properties. The same equation plotted above, in a finite field of modulo 67, looks like this:

It’s now a set of points, in which all the x and y values are integers between 0 and 66. Note that the “curve” still retains its horizontal symmetry.

Point addition and doubling are now slightly different visually. Lines drawn on this graph will wrap around the horizontal and vertical directions, just like in a game of Asteroids, maintaining the same slope. So adding points (2, 22) and (6, 25) looks like this:

The third intersecting point is (47, 39) and its reflection point is (47, 28).

Back to ECDSA and Bitcoin

A protocol such as Bitcoin selects a set of parameters for the elliptic curve and its finite field representation that is fixed for all users of the protocol. The parameters include the equation used, the prime modulo of the field, and a base point that falls on the curve. The order of the base point, which is not independently selected but is a function of the other parameters, can be thought of graphically as the number of times the point can be added to itself until its slope is infinite, or a vertical line. The base point is selected such that the order is a large prime number.

Bitcoin uses very large numbers for its base point, prime modulo, and order. In fact, all practical applications of ECDSA use enormous values. The security of the algorithm relies on these values being large, and therefore impractical to brute force or reverse engineer.

In the case of Bitcoin:

Elliptic curve equation: y2 = x3 + 7

Prime modulo = 2256–232–29–28–27–26–24–1 = FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F

Base point = 04 79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798 483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8

Order = FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141

Who chose these numbers, and why? A great deal of research, and a fair amount of intrigue, surrounds the selection of appropriate parameters. After all, a large, seemingly random number could hide a backdoor method of reconstructing the private key. In brief, this particular realization goes by the name of secp256k1 and is part of a family of elliptic curve solutions over finite fields proposed for use in cryptography.

Private Keys and Public Keys

With these formalities out of the way, we are now in a position to understand private and public keys and how they are related. Here it is in a nutshell: In ECDSA, the private key is an unpredictably chosen number between 1 and the order. The public key is derived from the private key by scalar multiplication of the base point a number of times equal to the value of the private key. Expressed as an equation:

public key = private key * base point

This shows that the maximum possible number of private keys (and thus Bitcoin addresses) is equal to the order.

In a continuous field we could plot the tangent line and pinpoint the public key on the graph, but there are some equations that accomplish the same thing in the context of finite fields. Point addition of p + q to find r is defined component-wise as follows:

c = (qy — py) / (qx — px)
rx = c2 — px — qx
ry = c (px — rx) — py

And point doubling of p to find is as follows:

c = (3px2 + a) / 2py
rx = c2–2px
ry = c (px — rx) — py

In practice, computation of the public key is broken down into a number of point doubling and point addition operations starting from the base point.

Let’s run a back of the envelope example using small numbers, to get an intuition about how the keys are constructed and used in signing and verifying. The parameters we will use are:

Equation: y2 = x3 + 7 (which is to say, a = 0 and b = 7)
Prime Modulo: 67
Base Point: (2, 22)
Order: 79
Private key: 2

First, let’s find the public key. Since we have selected the simplest possible private key with value = 2, it will require only a single point doubling operation from the base point. The calculation looks like this:

c = (3 * 22 + 0) / (2 * 22) mod 67
c = (3 * 4) / (44) mod 67
c = 12 / 44 mod 67

Here we have to pause for a bit of sleight-of-hand: how do we perform division in the context of a finite field, where the result must always be an integer? We have to multiply by the inverse, which space does not permit us to define here (we refer you to here and here if interested). In the case at hand, you will have to trust us for the moment that:

44–1 = 32

Moving right along:

c = 12 * 32 mod 67
c = 384 mod 67
c = 49

rx = (492–2 * 2) mod 67
rx = (2401–4) mod 67
rx = 2397 mod 67
rx = 52

ry = (49 * (2–52) — 22) mod 67
ry = (49 * (-50) — 22) mod 67
ry = (-2450–22) mod 67
ry = -2472 mod 67
ry = 7

Our public key thus corresponds to the point (52, 7). All that work for a private key of 2!

This operation — going from private to public key — is computationally easy in comparison to trying to work backwards to deduce the private key from the public key, which while theoretically possible is computationally infeasible due to the large parameters used in actual elliptic cryptography.

Therefore, going from the private key to the public key is by design a one-way trip.

As with the private key, the public key is normally represented by a hexadecimal string. But wait, how do we get from a point on a plane, described by two numbers, to a single number? In an uncompressed public key the two 256-bit numbers representing the x and y coordinates are just stuck together in one long string. We can also take advantage of the symmetry of the elliptic curve to produce a compressed public key, by keeping just the x value and noting which half of the curve the point is on. From this partial information we can recover both coordinates.

Signing Data with the Private Key

Now that we have a private and public key pair, let’s sign some data!

The data can be of any length. The usual first step is to hash the data to generate a number containing the same number of bits (256) as the order of the curve. Here, for the sake of simplicity, we’ll skip the hashing step and just sign the raw data z. We’ll call G the base point, n the order, and d the private key. The recipe for signing is as follows:

  1. Choose some integer k between 1 and n — 1.
  2. Calculate the point (x, y) = k * G, using scalar multiplication.
  3. Find r = x mod n. If r = 0, return to step 1.
  4. Find s = (z + r * d) / k mod n. If s = 0, return to step 1.
  5. The signature is the pair (r, s)

As a reminder, in step 4, if the numbers result in a fraction (which in real life they almost always will), the numerator should be multiplied by the inverse of the denominator. In step 1, it is important that k not be repeated in different signatures and that it not be guessable by a third party. That is, kshould either be random or generated by deterministic means that are kept secret from third parties. Otherwise it would be possible to extract the private key from step 4, since szrk and n are all known. You can read about a past exploit of this type here.

Let’s pick our data to be the number 17, and follow the recipe. Our variables:

z = 17 (data)
n = 79 (order)
G = (2, 22) (base point)
d = 2 (private key)

1. Pick a random number:

k = rand(1, n — 1)
k = rand(1, 79–1)
k = 3 (is this really random? OK you got us, but it will make our example simpler!)

2. Calculate the point. This is done in the same manner as determining the public key, but for brevity let’s omit the arithmetic for point addition and point doubling.

(x, y) = 3G
(x, y) = G + 2G
(x, y) = (2, 22) + (52, 7)
(x, y) = (62, 63)
x = 62
y = 63

3. Find r:

r = x mod n
r = 62 mod 79
r = 62

4. Find s:

s = (z + r * d) / k mod n
s = (17 + 62 * 2) / 3 mod 79
s = (17 + 124) / 3 mod 79
s = 141 / 3 mod 79
s = 47 mod 79
s = 47

Note that above we were able to divide by 3 since the result was an integer. In real-life cases we would use the inverse of k (like before, we have hidden some gory details by computing it elsewhere):

s = (z + r * d) / k mod n
s = (17 + 62 * 2) / 3 mod 79
s = (17 + 124) / 3 mod 79
s = 141 / 3 mod 79
s = 141 * 3–1 mod 79
s = 141 * 53 mod 79
s = 7473 mod 79
s = 47

5. Our signature is the pair (rs) = (62, 47).

As with the private and public keys, this signature is normally represented by a hexadecimal string.

Verifying the Signature with the Public Key

We now have some data and a signature for that data. A third party who has our public key can receive our data and signature, and verify that we are the senders. Let’s see how this works.

With Q being the public key and the other variables defined as before, the steps for verifying a signature are as follows:

  1. Verify that r and s are between 1 and n — 1.
  2. Calculate w = s-1 mod n
  3. Calculate u = z * w mod n
  4. Calculate v = r * w mod n
  5. Calculate the point (x, y) = uG + vQ
  6. Verify that r = x mod n. The signature is invalid if it is not.

Why do these steps work? We are skipping the proof, but you can read the details here. Let’s follow the recipe and see how it works. Our variables, once again:

z = 17 (data)
(r, s) = (62, 47) (signature)
n = 79 (order)
G = (2, 22) (base point)
Q = (52, 7) (public key)

1. Verify that r and s are between 1 and n — 1. Check and check.

r: 1 <= 62 < 79
s: 1 <= 47 < 79

2. Calculate w:

w = s-1 mod n
w = 47–1 mod 79
w = 37

3. Calculate u:

u = zw mod n
u = 17 * 37 mod 79
u = 629 mod 79
u = 76

4. Calculate v:

v = rw mod n
v = 62 * 37 mod 79
v = 2294 mod 79
v = 3

5. Calculate the point (xy):

(x, y) = uG + vQ

Let’s break down the point doubling and addition in uG and vQ separately.

uG = 76G
uG = 2(38G)
uG = 2( 2(19G) )
uG = 2( 2(G + 18G) )
uG = 2( 2(G + 2(9G) ) )
uG = 2( 2(G + 2(G + 8G) ) )
uG = 2( 2(G + 2(G + 2(4G) ) ) )
uG = 2( 2(G + 2(G + 2( 2(2G) ) ) ) )

Sit back for a moment to appreciate that by using the grouping trick we reduce 75 successive addition operations to just six operations of point doubling and two operations of point addition. These tricks will come in handy when the numbers get really large.

Working our way from the inside out:

uG = 2( 2(G + 2(G + 2( 2( 2(2, 22) ) ) ) ) )
uG = 2( 2(G + 2(G + 2( 2(52, 7) ) ) ) )
uG = 2( 2(G + 2(G + 2(25, 17) ) ) )
uG = 2( 2(G + 2( (2, 22) + (21, 42) ) ) )
uG = 2( 2(G + 2(13, 44) ) )
uG = 2( 2( (2, 22) + (66, 26) ) )
uG = 2( 2(38, 26) )
uG = 2(27, 40)
uG = (62, 4)

And now for vQ:

vQ = 3Q
vQ = Q + 2Q
vQ = Q + 2(52, 7)
vQ = (52, 7) + (25, 17)
vQ = (11, 20)

Putting them together:

(x, y) = uG + vQ
(x, y) = (62, 4) + (11, 20)
(x, y) = (62, 63)

Clearly step 5 is the bulk of the work. For the final step,

6. Verify that r = x mod n

r = x mod n
62 = 62 mod 79
62 = 62

Our signature is valid!

Conclusion

For those of you who saw all the equations and skipped to the bottom, what have we just learned?

We have developed some intuition about the deep mathematical relationship that exists between public and private keys. We have seen how even in the simplest examples the math behind signatures and verification quickly gets complicated, and we can appreciate the enormous complexity which must be involved when the parameters involved are 256-bit numbers. We have seen how the clever application of the simplest mathematical procedures can create the one-way “trap door” functions necessary to preserve the information asymmetry which defines ownership of a bitcoin. And we have newfound confidence in the robustness of the system, provided that we carefully safeguard the knowledge of our private keys.

In other words, this is why it is commonly said that Bitcoin is “backed by math.”

If you hung in through the complicated bits, we hope it gave you the confidence to take the next step and try out the math on your own (a modular arithmetic calculator makes the finite field math much easier). We found that going through the steps of signing and verifying data by hand provides a deeper understanding of the cryptography that enables Bitcoin’s unique form of ownership.

***

Special thanks to Steven Phelps for help with this article

Continue reading

What is Bitcoin?

Put simply, bitcoin is the oldest form of crypto currency. In the traditional world, all currency is backed by things that hold real world value (gold, silver, etc.)  When you hold a piece of paper with a picture of Benjamin Franklin on it, the U.S. Government says that you hold a paper that is worth a certain amount of gold.  That’s the only thing that makes that piece of paper worth anything. The government guarantees you a certain amount of value for that piece of paper.

In cryptocurrency, there is no such concept. No government backs cryptocurrency. There is no precious metal that guarantees its value. The only thing that makes cryptocurrency valuable is the people.

People who say it has value.

That’s it.

If, someday, the entire world says cryptocurrency is now worthless and we are no longer interested, that currency would not have any value any more. Fortunately, that day will probably never come.

In fact, over time, as the math problems and coding behind Bitcoin gets stronger, more secure, more scalable and more widely accepted, Bitcoin and all the altcoins will only continue to increase in value.

In fact, some economists are predicting Bitcoin value will go as high as $6,000 by 2018.

If you just want a simple, quick explanation of what Bitcoin “IS” then the video above will give you that Reader’s Digest version.

Tomorrow we will dive into the mathematics behind the Bitcoin algorithm. If you are a real math nerd, you won’t want to miss it.

Continue reading