MODULE 4

2) Structure of SHA-256 (5 Marks)

SHA-256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function that produces a
256-bit (32-byte) hash value from an input of arbitrary length. It is widely used in blockchain
technologies such as Bitcoin.
1. Merkle-Damgård Construction
SHA-256 uses the Merkle-Damgård construction, which turns a fixed-length compression
function into a hash function that can process inputs of arbitrary length. The input message is
divided into blocks of 512 bits (64 bytes) each.
• Each block is processed sequentially with the help of a compression function that
takes a fixed-length input and produces a fixed-length output.
2. Input Padding
Since the input length may not always be a multiple of 512 bits, padding is applied to ensure
that the input is padded to the correct length:
• Padding the message: A 1-bit is added to the end of the message, followed by as
many 0-bits as needed to make the message length congruent to 448 modulo 512.
• Length encoding: The original length of the input message (in bits) is appended to
the end as a 64-bit integer. This ensures that the total length is a multiple of 512 bits.
3. Initialization Vector (IV)
SHA-256 begins with an initialization vector (IV), which is a fixed set of 256 bits that
serves as the starting point for the hash computation. This IV is used in the first step of the
compression function and is consistent for every SHA-256 calculation.
4. Compression Function
SHA-256's core is its compression function, which processes each block of 512 bits:
• Input to the compression function: The input consists of the current block of the
message (512 bits) and the output of the previous block’s processing (or the IV for the
first block).
• Output of the compression function: The function produces a 256-bit output,
which is the new hash value for that block. This output is then used as the input for
the next block.
The compression function itself involves several operations:
• Message Schedule: The 512-bit block is expanded into 64 words of 32 bits each
using bitwise operations and logical functions like AND, OR, XOR, and NOT.
• Main computation: These expanded words are then processed through 64 rounds of
bitwise operations, including additions, logical operations, and bit shifts, guided by
constants derived from the fractional parts of cube roots of prime numbers.
5. Final Output After all message blocks are processed, the final 256-bit hash is produced.
This value is the hash of the entire input message. The last block’s output becomes the final
hash, which is the SHA-256 hash.
Module 5

Briefly explain concept of Smart Contracts (5 Marks)

Definition:
A smart contract is a secure and unstoppable computer program that represents an agreement,
which is automatically executable and enforceable.

Key Features:

1. Computer Program: Written in a language understood by machines, incorporating business

logic.

2. Automatic Execution: Executes predefined actions when specified conditions are met,
requiring no intermediaries.

3. Enforceability: Ensures that all contractual terms are followed, even in adversarial
conditions.

4. Security and Unstoppability: Designed to be fault-tolerant and maintain functionality under

unfavorable external conditions.

Operation:

• Smart contracts operate using a state machine model, advancing their internal state based
on predefined conditions.

• They function deterministically, ensuring consistent outputs across nodes, which is crucial for
maintaining blockchain consensus.

Challenges:

• Bridging the gap between human-readable legal contracts and machine-executable code.

• Legal and regulatory compliance for making smart contracts legally binding.

Applications:

• Used in financial transactions, supply chain automation, real estate (title deeds), and more.

In essence, smart contracts embody the principle of "code is law," eliminating the need for external
enforcement while ensuring reliability and efficiency.
Note on The transaction substate 5 m
A transaction substate is created during the execution of the transaction that is processed
immediately after the execution completes.

This transaction substate is a tuple that is composed of four items. These items are described here:
Suicide set or self-destruct set:

This element contains the list of accounts (if any) that are disposed of after the transaction executes.
Log series:

This is an indexed series of checkpoints that allow the monitoring and notification of contract calls to
the entities external to the Ethereum environment, such as application frontends.

It works like a trigger mechanism that is executed every time a specific function is invoked, or a
specific event occurs.

Logs are created in response to events occurring in the smart contract. It can also be used as a
cheaper form of storage.

Events will be covered with practical examples in Chapter 14, Introducing Web3. Refund balance:
This is the total price of gas in the transaction that initiated the execution.

Refunds are not immediately executed; instead, they are used to offset the total execution cost
partially.

Touched accounts: This is the set of touched accounts from which empty ones are deleted at the
end of the transaction

Briefly explain the field involved in Account state 5 m

The account state in Ethereum is a representation of the current state of an account. It comprises
four key fields:

1. Nonce:

o A counter that tracks the number of transactions sent from an account.

o For contract accounts, it represents the number of contracts created by that

account.

o Ensures uniqueness of transactions to prevent replay attacks.

2. Balance:

o Represents the amount of Wei (the smallest unit of Ether) held by the account.

o Wei is used for precise calculations, as 1 Ether = 101810^{18}1018 Wei.

3. Storage Root:

o The root node of a Merkle Patricia Trie, encoding the storage contents of the
account.

o This trie is used for efficient and verifiable storage of key-value pairs.
 4. Code Hash:

o Stores the hash of the smart contract code associated with the account.

o For externally owned accounts (non-contract accounts), this is the Keccak-256 hash
of an empty string.

o Ensures immutability of the smart contract code.

Relationship with the World State Trie:

• The accounts trie encodes account information using a Merkle Patricia Trie.

• The root of the world state trie represents the mapping of account addresses to their
respective account states.

• This root is stored in the block header as the state root hash, ensuring integrity and
consistency of the blockchain.

This hierarchical structure ensures efficient storage, verification, and updates to the blockchain state.

Ether cryptocurrency / tokens (ETC and ETH) 5m

As an incentive to the miners, Ethereum also rewards its own native currency called Ether,
abbreviated as ETH.

After the DAO hack (described later in this chapter), a hard fork was proposed in order to mitigate
the issue; therefore, there are now two Ethereum blockchains: one is called Ethereum Classic, and its
currency is represented by ETC, whereas the hard-forked version is ETH, which continues to grow and
on which active development is being carried out.

ETC, however, has its following with a dedicated community that is further developing ETC, which is
the unforked original version of Ethereum.

This chapter is focused on ETH, which is the currently the most active and official Ethereum
blockchain.

Ether is minted by miners as a currency reward for the computational effort they spend to secure
the network by verifying and with validation transactions and blocks.

Ether is used within the Ethereum blockchain to pay for the execution of contracts on the EVM.
Ether is used to purchase gas as crypto fuel, which is required to perform computation on the
Ethereum blockchain.
The denomination table is shown as follows

Ethereum Virtual Machine (EVM) – 10 Marks

The Ethereum Virtual Machine (EVM) is a crucial component of the Ethereum blockchain that
provides the runtime environment for executing smart contracts. Below are its key features and
functionalities:

Core Features:

1. Stack-Based Architecture:

o Operates on a 256-bit stack with a maximum size of 1024 elements.

o Follows a Last In, First Out (LIFO) queue for operations.

2. Turing-Complete Machine:

o Capable of executing any computation, provided sufficient resources (gas).

o Prevents infinite loops by requiring gas for every instruction, thus avoiding denial-of-
service (DoS) attacks.

3. Gas Mechanism:
 o Ensures that computational tasks have a cost, making infinite or malicious loops
economically infeasible.

4. Isolation and Security:

o Runs in a sandboxed environment with no access to external resources (e.g.,

network or file systems).

o This isolation enhances security and ensures deterministic execution.

Memory and Storage:

1. Memory:

o Temporary, like RAM, and cleared after contract execution.

o Unlimited but constrained by gas fees.

2. Storage:

o Persistent, like hard disk storage, and stored permanently on the blockchain.

o Structured as a key-value store, with 32-byte keys and values.

3. Program Code:

o Stored in a virtual read-only memory (ROM).

o Transferred to main memory using the CODECOPY instruction for execution.

Execution Flow:

• The EVM reads instructions from memory, updates the program counter, and pushes or
pops values from the stack during execution.

• Ensures integrity by maintaining all storage and memory initialized to zero by default.

Optimization and Research:

• Research into EVM optimization is ongoing, with WebAssembly (WASM) being explored for
faster and more efficient execution.

• New tools and languages, such as JULIA, aim to enhance smart contract development by
compiling to multiple backends, including EVM and eWASM.
Execution environment

Key Elements of the Execution Environment – 10 Marks

The execution environment in Ethereum provides all necessary parameters and context for code
execution. These key elements ensure that smart contracts and transactions can be executed
securely and deterministically. Below are the essential components required for the execution
environment:

Key Elements:

1. System State:

o The global state of the Ethereum blockchain, which includes account balances,
storage, and code.

2. Remaining Gas:

o Tracks the gas available for executing the code. Gas ensures efficient resource
allocation and prevents infinite loops.

3. Address of the Executing Account:

o The account that owns the code being executed.

4. Sender's Address:

o The address of the entity (user or contract) that initiated the transaction or message.

5. Originating Address:

o The address from which the execution originated. This may differ from the sender’s
address in certain scenarios.

6. Gas Price:

o The cost per unit of gas specified in the transaction that initiated the execution.

7. Input Data (Transaction Data):

o A byte array containing input parameters for execution.

o In a transaction, this includes data needed for contract functions.

8. Value (Transaction Value):

o The amount of Wei transferred as part of the transaction.

9. Code to be Executed:

o The program code presented as a byte array. It is processed by the execution

environment during each cycle.

10. Block Header:

o Information about the current block, such as the block number, timestamp, and
miner.

11. Message Calls or Contract Creations in Execution:

o The count of nested CALL or CREATE operations currently in progress.

12. Permission to Modify State:

 o Specifies whether the execution environment is authorized to update the global
state.

Precompiled Contracts in Ethereum (Byzantium Release) – 10 Marks

Precompiled contracts in Ethereum are built-in contracts that provide efficient implementations of
complex cryptographic and mathematical operations. These contracts run at specific fixed addresses
and execute faster than regular smart contracts. Below is a list of the eight precompiled contracts
introduced in the Byzantium release, along with their descriptions:

1. Elliptic Curve Public Key Recovery Function (ECDSARECOVER)

• Address: 0x1

• Purpose:

o Derives the public key from a given private key using elliptic curve cryptography.

o Typically used for verifying digital signatures.

• Inputs:

o H (32-byte hash of the message), and V, R, S (ECDSA signature components).

• Output:

o A 64-byte public key if the signature is valid; otherwise, no output is returned.

• Gas Cost: 3,000.

2. SHA-256 Hash Function

• Address: 0x2

• Purpose:

o Computes the SHA-256 hash of the input data.

o Used in cryptographic applications and message integrity checks.

• Output:

o A 32-byte SHA-256 hash value.

• Gas Cost: Depends on the input size.

3. RIPEMD-160 Hash Function

 • Address: 0x3

• Purpose:

o Generates a 160-bit RIPEMD hash of the input data.

o Often used in blockchain applications, e.g., Bitcoin addresses.

• Output:

o A 20-byte RIPEMD-160 hash value.

• Gas Cost: Depends on the input size.

4. Identity/Datacopy Function

• Address: 0x4

• Purpose:

o Outputs the same value as the input (identity mapping).

o Commonly used for simple data copying.

• Output:

o Same as the input data.

• Gas Cost:

o Calculated as 15 + 3 * (Input Size / 32).

5. Big Modular Exponentiation Function

• Address: 0x5

• Purpose:

o Performs modular exponentiation for large integers.

o Enables RSA signature verification and other cryptographic operations.

6. Elliptic Curve Point Addition Function

• Address: 0x6

• Purpose:

o Implements elliptic curve point addition, a core cryptographic operation.

o Used in zk-SNARKs and similar cryptographic constructs.

7. Elliptic Curve Scalar Multiplication

 • Address: 0x7

• Purpose:

o Executes elliptic curve scalar multiplication (point doubling).

o Used for advanced cryptographic methods like zk-SNARKs.

8. Elliptic Curve Pairing

• Address: 0x8

• Purpose:

o Performs bilinear pairing operations on elliptic curves.

o Essential for verifying zk-SNARKs proofs and other cryptographic constructs.

Explain any 5 standard field in Ethereum transaction

A transaction in Ethereum represents a request to transfer Ether, interact with a smart contract, or
execute other blockchain operations. Each transaction contains several standard fields that define its
details and behavior. Below are five key fields:

1. Nonce

• Definition:

o A unique integer value assigned to each transaction initiated by an account.

o Ensures the order of transactions and prevents replay attacks (duplicate

transactions).

• Usage:

o The first transaction from an account has a nonce of 0, the next is 1, and so on.

o For example, if a transaction with nonce 3 is submitted before nonce 2, it will not be
processed until nonce 2 is completed.

2. Gas Price

• Definition:

o The amount of Ether (in wei) the sender is willing to pay per unit of gas for the
execution of the transaction.

• Usage:

o Higher gas prices incentivize miners to prioritize the transaction.

o Measured in gwei, where 1 gwei = 10⁹ wei.

 • Example:

3. Gas Limit

• Definition:

o The maximum amount of gas a sender is willing to allow for the transaction to
execute.

• Usage:

o Protects users from overspending on failed transactions or infinite loops in smart

contracts.

o Unused gas is refunded to the sender after transaction execution.

• Example:

o If the gas limit is set to 50,000 but only 25,000 gas is used, the remaining gas is
returned.

4. To Address

• Definition:

o The recipient's Ethereum address, which can be an external account or a smart

contract.

• Usage:

o Specifies the destination of the Ether or the smart contract to interact with.

o If the to field is empty, it indicates the creation of a new contract.

5. Value

• Definition:

o The amount of Ether (in wei) being transferred in the transaction.

• Usage:

o Represents the amount of cryptocurrency to be sent to the recipient address.

o A value of 0 is often used in smart contract interactions where no Ether is

transferred.

• Data: Contains input data for smart contract execution, such as function arguments or
parameters.

• V, R, S: Digital signature fields used to verify the transaction's authenticity.

Notes on Zerocoin, Zero-Knowledge Proofs, and Zerocash (10 m)

a) Zerocoin

Zerocoin is a cryptocurrency protocol designed to enhance privacy and anonymity in blockchain

transactions. It introduces a mechanism to break the transaction link between the sender and
receiver by implementing cryptographic guarantees at the protocol level.

1. Key Features:

o Provides protocol-level mixing for enhanced privacy.

o Basecoins can be converted into zerocoins, and later redeemed for new basecoins,
making the new coins unlinkable to the old ones.

o Unlike centralized mixing services, Zerocoin eliminates the need to trust

intermediaries, relying only on cryptographic principles.

2. How It Works:

o Users exchange their basecoins for zerocoins (cryptographic tokens).

o These zerocoins act as proofs that a user previously owned basecoins but do not
reveal which specific coins were owned.

o When redeeming zerocoins, the link to the original basecoins is broken.

3. Cryptographic Guarantees:

o Ensures anonymity without trusting miners, intermediaries, or the network.

o Prevents double-spending by cryptographically ensuring that each zerocoin proof is

used only once.

4. Challenges:

o Not directly compatible with Bitcoin without significant changes (e.g., soft or hard
forks).

o Deployment is more feasible as a separate altcoin rather than integrating into

existing systems.

b) Zero-Knowledge Proofs

Zero-knowledge proofs are cryptographic techniques that enable proving the validity of a statement
without revealing any additional information.

1. Definition:

o A method to prove a statement (e.g., "I know a secret") is true without disclosing the
actual secret.

o Essential for preserving privacy in cryptographic systems.

 2. Example:

o Suppose you solved a hash puzzle and want to prove it. Instead of revealing the
solution (x), a zero-knowledge proof allows you to demonstrate that a solution exists
without revealing x.

3. Key Properties:

o Completeness: If the statement is true, the verifier will accept the proof.

o Soundness: If the statement is false, the verifier will reject the proof.

o Zero-Knowledge: The proof does not reveal any information beyond the validity of
the statement.

4. Applications in Cryptocurrency:

o Used in Zerocoin to anonymize transactions.

o Form the foundation of more advanced privacy protocols like zk-SNARKs (used in
Zerocash).

5. Benefits:

o Enhances privacy by keeping transaction data (e.g., inputs and outputs) hidden.

o A cornerstone for modern cryptographic protocols.

c) Zerocash

Zerocash is an evolution of the Zerocoin protocol, offering even greater privacy and efficiency by
using advanced cryptographic techniques.

1. Key Features:

o Built on zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of

Knowledge), which make proofs compact and efficient.

o Eliminates the need for a basecoin by enabling all transactions to occur in a zero-
knowledge manner.

o Anonymity is extended to transaction amounts and addresses.

2. How It Works:

o All transaction amounts and recipient/sender details are hidden from the public
blockchain.

o The public ledger only records the existence of transactions and cryptographic proofs
that ensure correctness.

o Miners verify transactions without knowing details (except transaction fees).

3. Advantages over Zerocoin:

o Complete Privacy: Hides addresses, transaction amounts, and balances.

 o No Fixed Denominations: Unlike Zerocoin, transactions can involve any amount
without splitting or merging.

4. Security and Privacy:

o Immune to side-channel attacks against mixing.

o An entirely untraceable system of transactions, ensuring user anonymity.

5. Applications:

o Can operate as a standalone cryptocurrency offering unmatched privacy features.

o Used as the foundation for privacy-focused cryptocurrencies like Zcash.

Tasks Bitcoin Miners Must Perform When Joining the Bitcoin

Network (10 m)
Bitcoin miners play a crucial role in maintaining the Bitcoin network's functionality and security.
When joining the network, miners are required to perform several tasks that can be broadly
categorized as maintaining the blockchain and competing for rewards. The tasks are as follows:

1. Listen for Transactions

o Miners must listen for transactions broadcasted to the network.

o They validate transactions by ensuring that the digital signatures are correct and that
the outputs being spent have not already been spent.

2. Maintain the Blockchain and Listen for New Blocks

o New miners start by downloading the entire blockchain from other nodes to obtain
the historical blocks.

o They listen for new blocks and validate them by checking the transactions they
contain and ensuring that the block has a valid nonce.

3. Assemble a Candidate Block

o Miners collect valid transactions from the pending transaction pool and assemble
them into a new candidate block.

o The candidate block extends the latest block in the blockchain, ensuring that all
included transactions are valid.
 4. Find a Valid Nonce

o Miners search for a nonce value that makes the hash of their candidate block satisfy
the network’s difficulty target.

o This process involves a significant amount of computational work as miners

repeatedly change the nonce and hash the block header to meet the requirements.

5. Announce the Block and Compete for Acceptance

o Once a valid block is found, miners broadcast it to the network as quickly as possible.

o Other miners must verify and accept this block as part of the blockchain. If multiple
miners find valid blocks simultaneously, only one will eventually be accepted as part
of the main chain, depending on the chain’s growth.

6. Profit from Block Rewards

o If the miner’s block is accepted into the blockchain, they receive the block reward,
which includes newly minted bitcoins and any transaction fees from the transactions
included in the block.

o This reward serves as an incentive for miners to continue securing and validating the
network.

These tasks can be grouped into two primary categories:

1. Network Maintenance Tasks

o Validating transactions and maintaining the blockchain.

o Essential for ensuring the Bitcoin network remains secure and operational.

2. Profit-Driven Tasks

o Competing to find valid blocks and receive rewards.

o Provides financial incentives for miners to perform the network maintenance tasks
effectively.

By performing these tasks, miners help secure the network, confirm transactions, and maintain the
integrity of the blockchain.

Explanation of CPU Mining, GPU Mining, FPGA Mining, and Mining Hardware
1. CPU Mining:

• Definition: Mining performed using the central processing unit (CPU) of a general-purpose
computer. Early Bitcoin mining relied solely on CPUs, which computed SHA-256 hashes in
software by iterating over different nonces.
 • Performance: A high-end CPU could achieve about 20 MH/s (20 million hashes per second),
which became insufficient as Bitcoin’s mining difficulty increased.

• Challenges: CPU mining is no longer profitable due to high difficulty levels and the
introduction of more efficient hardware.

2. GPU Mining:

• Definition: Mining using a graphics processing unit (GPU). GPUs are designed for parallel
computation, making them far more efficient than CPUs for tasks like Bitcoin mining.

• Performance: High-end GPUs could achieve around 200 MH/s, an order of magnitude faster
than CPUs.

• Advantages:

o Easier for hobbyists to set up.

o GPUs support overclocking to increase performance.

o Parallelism allows multiple SHA-256 computations simultaneously.

• Disadvantages:

o Unused hardware in GPUs, like floating-point units, adds inefficiency.

o GPUs consume significant power and generate heat, requiring cooling systems.

• Current Status: GPU mining is largely obsolete for Bitcoin but may still be used for early-
stage altcoins.

3. FPGA Mining:

• Definition: Mining using Field Programmable Gate Arrays (FPGAs), which can be
programmed to perform specific tasks efficiently, like mining Bitcoin.

• Performance: A well-implemented FPGA could achieve 1 GH/s (1 billion hashes per second),
significantly outperforming CPUs and GPUs.

• Advantages:

o More efficient cooling compared to GPUs.

o Nearly all hardware resources on the FPGA can be dedicated to mining.

• Disadvantages:

o Less accessible due to limited availability and the need for specialized knowledge.

o High cost-per-performance made them a short-lived solution.

o Errors and malfunctions were common when operated beyond their design limits.

• Current Status: FPGA mining was a transitional phase that lasted a few months before
custom ASICs replaced it.
4. Mining Hardware:

• Refers to devices designed to perform the intensive computations required for

cryptocurrency mining. These include:

o CPUs: General-purpose computing, now obsolete for mining.

o GPUs: More efficient than CPUs but no longer competitive for Bitcoin.

o FPGAs: Specialized but limited in use due to high cost and short lifespan.

o ASICs (Application-Specific Integrated Circuits): Purpose-built for mining, offering

the best performance and efficiency, dominating modern mining operations.

Explain the following terms : a) High variance c) Mining pools e)Mining shares b) Pay-per-share
d)pool hopping

a) High Variance
High variance in mining refers to the significant uncertainty and fluctuation in rewards that small
miners face due to the probabilistic nature of finding a valid block. Mining rewards are governed by a
Poisson distribution, and a small miner may experience long periods without finding a block despite
the expected rewards over time. This makes mining akin to gambling, where consistent outcomes are
not guaranteed. For instance, a miner might expect to find one block in 14 months but could go years
without finding any, resulting in financial losses.

b) Pay-Per-Share (PPS)
Pay-per-share is a mining pool reward system where miners are paid a fixed amount for each share
they submit, irrespective of whether the pool finds a valid block. This model shifts all the risk to the
pool manager, ensuring steady payouts for miners. However, it can incentivize dishonest behavior,
such as miners discarding valid blocks, as they receive the same payout for submitting shares.

c) Mining Pools
Mining pools are cooperative groups of miners who combine their computational power to increase
the likelihood of finding a block. In a pool, all miners work together on the same block, and when a
valid block is found, the rewards are distributed among participants based on their contribution to
the pool's effort. The pool manager organizes the pool, distributes tasks, and handles the reward-
sharing process, typically taking a small fee for their service.

d) Pool Hopping
Pool hopping is a strategy used by miners to maximize their earnings by switching between pools
based on their payout structure. For example, miners might initially mine in a proportional pool,
where early shares in a cycle are more valuable, and later switch to a pay-per-share pool to avoid
diminishing returns in the proportional pool. This behavior can destabilize proportional pools and has
led to the development of more complex reward schemes to mitigate such manipulation.
e) Mining Shares
Mining shares are proofs submitted by miners to the pool manager to demonstrate their mining
effort. These are "near-valid" blocks with hashes that meet a lower difficulty target than required for
a valid block. Mining shares help pool managers verify the work done by each miner and distribute
rewards accordingly. Shares serve as a fair way to measure contributions without requiring miners to
find valid blocks individually.