PV204 Security technologies
Bitcoin I.
Petr Švenda svenda@fi.muni.cz @rngsec
Centre for Research on Cryptography and Security, Masaryk University
https://crocs.fi.muni.cz @CRoCS_MUNI

PREPARATION FOR THE SEMINAR

Preparation: for the seminar
• Pre-install on your desktop
  – Bitcoin Core 24.0.1 (pick the zip or gzip file; don't install it and don't let it run yet)
    • https://bitcoincore.org/bin/bitcoin-core-24.0.1/
  – Sparrow Wallet https://www.sparrowwallet.com/download/
• Pre-install two wallets on your phone (standard, Lightning)
  – Green: Bitcoin wallet by Blockstream as the standard wallet
    • Allows for testnet network option
  – WalletOfSatoshi as the Lightning wallet
    • (or BlueWallet/Zap/Muun… if you are more familiar)
  – (Note: these are just recommendations; if you know what you are doing, there are plenty of other options)

Overview
1. Using Bitcoin Core full node (mainnet)
  – Start downloading blocks, investigate connected peers, network
2. Using Bitcoin Core full node locally (regtest)
  – cli, mining, sending, transactions
3. Group discussions
  – basic Bitcoin questions
4. Getting and sending some (testnet) bitcoins using SparrowWallet

INTRO

Networks in Bitcoin (Mainnet, Testnet, Regtest)
• Mainnet – main, global production network
• Testnet – testing network (global, some mining happens…)
  – Restarted from time to time, contains many different types and versions of TXs
• Regtest – local instance of Bitcoin network
  – Used for local testing (integration, regression, debugging)
  – Blockchain started from block 0, you are the only miner
  – (mined bitcoins unusable on Mainnet)
  – You can insert your own transactions, decide on mining new blocks, debug…
• Signet – testing network with not_yet_available features enabled
• Lightning – second-layer network on top of Mainnet

P2P Bitcoin network map
https://bitnodes.io/

TASK: USING BITCOIN CORE

Own work: Using API of full node
• Get Bitcoin full node 24.0.1 (pick .zip or .gz)
  – https://github.com/bitcoin/bitcoin/releases
  – https://bitcoincore.org/bin/bitcoin-core-24.0.1/
  – Download and unpack .zip or .gz
• Download a few blocks from the real Bitcoin P2P network
  – Run bitcoin-qt, Window → Network Traffic (Ctrl+N), Peers (Ctrl+P)
  – Observe and document the peers to which you connected (number, version, IP)
• Analyze the first few blocks from the blockchain
  – Look into Bitcoin/blocks/blk00000.dat (e.g., C:/Bitcoin/blocks/blk00000.dat)
  – If on Windows, look for the Bitcoin folder also in your profile
    • c:\Users\your_name\AppData\Roaming\Bitcoin\blocks\

Questions
• Why is your full node connecting to other nodes?
• For how long has the Bitcoin network been running now?
• What is the content of the first block?
• What is the privacy advantage of sending/querying TXs using your full node?
• How can you compute the current supply of bitcoins?

Run strings on already downloaded blocks
• strings command on Linux
• strings on Windows: https://docs.microsoft.com/en-us/sysinternals/downloads/strings
• c:\Bitcoin\blocks>strings -n 20 *.dat

TASK: USING BITCOIN-CLI (REGTEST)

Using API: Bitcoin -regtest
• Optional: regtest network blocks are stored in \Bitcoin\regtest\ (Windows) or ~/.bitcoin/regtest (Linux)
  – Run del /S /Q "%APPDATA%\Bitcoin\regtest\" to erase the previous one (on Linux, remove ~/.bitcoin/regtest)
• Run local network (bitcoin daemon)
  – bitcoind -regtest
• Create new wallet
  – bitcoin-cli -regtest createwallet "testwallet"
• Obtain new address for future mined bitcoins (=> miner_address)
  – bitcoin-cli -regtest getnewaddress
• Mine 101 blocks: bitcoin-cli -regtest generatetoaddress 101 miner_address
• Check your balance: bitcoin-cli -regtest getbalance
This is necessary from 0.20.0 and higher
Note: Assumed version 24.0.1
Note: on Windows, do not use PowerShell

Using API: Bitcoin -regtest
• Set the desired transaction fee in BTC/kvB (wallets typically compute it for you automatically)
  – bitcoin-cli -regtest settxfee 0.00002
• Send previously mined bitcoins to a new address (getnewaddress → new_address)
  – bitcoin-cli -regtest sendtoaddress new_address 10.00
• Display info about the transaction:
  – bitcoin-cli -regtest gettransaction txid
• Mine an additional block to include the new TX into the blockchain…
  – https://bitcoin.org/en/developer-examples, https://bitcoin.org/en/developer-reference#bitcoin-core-apis
• Verify total supply: bitcoin-cli -regtest gettxoutsetinfo

Questions A.
• What type of address do you get via the getnewaddress command?
• How can you distinguish between addresses for mainnet, testnet and regtest?
• Can you send mined regtest bitcoins to a mainnet address (e.g., bc1xxxx…)?
• How many bitcoins are you supposed to have after mining 150 blocks? Why is getbalance showing only 2500 btc?
• How does the block reward change on mainnet? How does it change on regtest?

TASK: BITCOIN QUESTIONS

Task: collaborative discussion
• Join the discussion with your group colleagues
• Try to find answers to the questions from the next slides
  – No expectation to do all questions, but cover at least the basic ones
• For every question:
  – Discuss why and where (usage) it is relevant for Bitcoin (possibly more places)
  – Try to answer using your knowledge, the Internet and common sense
  – Use ChatGPT for one marked question
• Note down 2-3 surprising observations to mention to the whole classroom

Questions B (you and ChatGPT)
• Answer the questions below with your peers
  – How can I pay you 1btc if I have only one UTXO worth 5btc?
  – What will happen if I try to send a double-spending tx to the Bitcoin network?
  – Why should you use a fresh new address for every receive transaction?
  – What will happen if you create a pull request to increase the total number of bitcoins from 21M to 100M at https://github.com/bitcoin/bitcoin?
• Ask ChatGPT the question below, then critically discuss the answer provided
  – What attacks are possible if I'm using a Bitcoin wallet which is not connected to my trusted full node?
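The regtest task and the Questions A items on block reward and getbalance above depend on two consensus parameters: the subsidy halving schedule and coinbase maturity. The Python sketch below is an added example, not part of the original slides; the halving intervals (210,000 blocks on mainnet, 150 on regtest) and the 100-block maturity are Bitcoin Core chain parameters, and the function names are illustrative.

```python
# Added example: block subsidy and coinbase maturity in integer satoshis.
COIN = 100_000_000                 # satoshis per BTC
INITIAL_SUBSIDY = 50 * COIN
COINBASE_MATURITY = 100            # coinbase outputs are locked for 100 blocks
# Halving intervals per network (values from Bitcoin Core chain parameters).
HALVING_INTERVAL = {"mainnet": 210_000, "regtest": 150}


def block_subsidy(height, network="mainnet"):
    """New coins created by the block at `height` (transaction fees excluded)."""
    halvings = height // HALVING_INTERVAL[network]
    return 0 if halvings >= 64 else INITIAL_SUBSIDY >> halvings


def mined_total(tip, network="mainnet"):
    """Sum of subsidies of blocks 1..tip.

    The genesis block (height 0) is skipped: its output is not in the UTXO set.
    On mainnet this is an upper bound; it ignores rewards miners did not claim.
    """
    total, height, interval = 0, 1, HALVING_INTERVAL[network]
    while height <= tip:
        subsidy = block_subsidy(height, network)
        if subsidy == 0:
            break                  # subsidy has been shifted down to zero
        # Last height of the current halving era, capped at the chain tip.
        end = min(tip, (height // interval + 1) * interval - 1)
        total += (end - height + 1) * subsidy
        height = end + 1
    return total


def mature_balance(tip, network="regtest"):
    """Spendable balance of a wallet that mined every block 1..tip."""
    # The wallet treats a coinbase as mature at 101 confirmations,
    # i.e. only blocks at height <= tip - 100 count towards getbalance.
    last_mature = tip - COINBASE_MATURITY
    return mined_total(last_mature, network) if last_mature >= 1 else 0


if __name__ == "__main__":
    for tip in (101, 150):
        print(tip, "blocks mined:",
              mined_total(tip, "regtest") / COIN, "BTC created,",
              mature_balance(tip) / COIN, "BTC spendable")
```

Comparing `mined_total` with the `total_amount` field of `gettxoutsetinfo` on a fresh regtest chain is a quick way to confirm that no coins were created outside the schedule.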

TASK: USING SIGNATURE COORDINATOR

[Figure: full nodes on the Bitcoin P2P network and the blockchain, with a SW-only wallet and a wallet with hardware wallet]

SINGLE-SIGNATURE WALLET (SW-ONLY)

Starting Sparrow wallet
• Run your wallet with the testnet switch (command line)
  – ./sparrow -n testnet
  – Sparrow.exe -n testnet
• Use the Public Server option if asked
  – Test Connection to verify connectivity
  – Can be changed later: File → Settings
• (Bitcoin Core and Private Electrum are more private options)
  – You would be connecting to your own full node (but you must have one ☺)
• Check that you are online
  – (bottom right)
(Examples created for Sparrow 1.6.6)

Create wallet
• sparrow -n testnet
• File → New wallet
1. New or Imported Software wallet
2. Use 12 Words
3. Generate New
  • Write the 12 words on paper
  • Leave Passphrase empty
    – (additional wallet diversification)
4. Create Keystore
  • Confirm backup
  • Re-enter words
5. Import Keystore
6. Apply
7. Set password or leave empty
  – (encryption of local wallet file)
• Local wallet contains the seed
  – *.mv.db file
  – File → Open wallet

Wallet created (but empty ☺)

Getting test bitcoins (tBTC)
• If not running, run your wallet with the testnet switch (command line)
  – E.g., ./sparrow -n testnet
  – Generate a new (testnet) receive address
• Go to https://coinfaucet.eu/en/btc-testnet/
  – If it doesn't work, use https://testnet-faucet.com/btc-testnet/
  – Insert your testnet receive address
  – You may get more every 12 hours (per single IP)
  – (but please don't abuse)
• Check your tx: https://mempool.space/testnet
• Testnet TX explorer: https://blockstream.info/testnet/
  – Software visualizing the blockchain

Get mobile wallet
• Get Green wallet by Blockstream on your mobile phone
  – https://apps.apple.com/us/app/green-bitcoin-wallet/id1402243590
  – https://play.google.com/store/apps/details?id=com.greenaddress.greenbits_android_wallet&hl=en&gl=us
  – Pick the testnet option
• Try sending between Green and Sparrow

Task: send some tBTC to your peer
• Select one of your neighbors as a peer (PC1 and PC2)
• Obtain his/her receive address
  – Via messenger: PC2 → Receive tab → Copy address → send via Signal → PC1
  – Via QR: PC2 → Receive tab; PC1 → Send → camera icon → scan address QR
• Enter some sats into the Amount box
  – Observe the visualized transaction below (more inputs may be added)
• Try again, but now with manual coin selection
  – UTXO tab → select one or more → Send Selected

[Figure: PC1 and PC2]

Task: attack your setup! (15 mins)
• Imagine five different ways how you (as an attacker) can steal funds from the Sparrow single-signature wallet of your colleague
  – Write it into Miro: https://miro.com/app/board/uXjVPaI0Mp4=/?share_link_id=697987574971
    • Password: ‘fimunicz’
  – Be creative, assume a weak but also a powerful attacker (thief, organizations, manufacturer..)
  – Discuss the cost and prerequisites of the different attacks
• For each attack, describe how the availability of a secure element may help
  – What functionality of the secure element is required?

(Look for your testnet txs from bitcoin core client)
• We sent testnet tBTC => there must be a corresponding transaction
• Can we look it up on our own full node (the bitcoin-qt we used previously)?
• Possible, but you need to download the whole testnet3 blockchain
  – Files are located in \Bitcoin\testnet3\
• When searching for a transaction (locally), use the --testnet switch
  – bitcoin-cli -testnet

No assignment this week ☺

HOW MANY QUESTIONS DO YOU KNOW THE ANSWER TO?

Questions: Basics
• How can you get some bitcoin(s)? (At least three different options)
• How can I pay you 1btc if I have only one UTXO worth 5btc?
• Can you get less than 1 bitcoin?
• Can you reverse a bitcoin payment if it was sent to the wrong address?
• Why “Not your keys, not your bitcoin”? What is a non-custodial wallet?
• How can someone steal your bitcoins? (At least three different options)
• For what reason are miners consuming a lot of energy?
• How frequently is a new block with transactions included in the blockchain?
• What will happen if I try to send a double-spending tx to the Bitcoin network?
• If I send you bitcoin on-chain, can you tell from whom I got it?
• What is the current inflation rate of Bitcoin? What will it be in May 2024? Why?

Questions
• Why should you use a fresh new address for every receive transaction?
• Why is the theoretical maximal limit of on-chain transactions ~6-7tx/sec?
• How is it possible to perform 1000tx/sec between two users (today)?
• When will all bitcoins be mined? What will happen then with mining?
• What will happen if one miner controls 51% of the hashrate?
• Why is the Bitcoin network not flooded (DoSed) with invalid transactions?
• Can Bitcoin operate without the Internet?
• What is the difference between a soft fork and a hard fork? Why is Bitcoin always aiming for soft forks only?

Questions
• What will happen if you create a pull request to increase the total number of bitcoins from 21M to 100M at https://github.com/bitcoin/bitcoin?
• What will happen if such a code change is accepted by a Bitcoin Core developer?
• Can I operate a full Bitcoin node without owning any bitcoin?
• Can you receive bitcoins without operating a full node?
• What attacks are possible if I'm using a Bitcoin wallet which is not connected to my trusted full node?
• What will happen if someone manages to compute SHA256 with the specified number of prefix zeros (mining puzzle) 1000x faster than now?

Questions
• What will happen to Bitcoin security if a quantum computer powerful enough to break 256b ECC is built?
• When will Proof of Stake replace Proof of Work in Bitcoin?
• What is the difference between a public key and a Bitcoin address?
• What ECC curve is used for Bitcoin?
• What happens when the private key for some UTXO is permanently lost?
• How can you make your relatives inherit your bitcoins?
• Why is open source important for Bitcoin to work?

Questions
• How high a fee is required for a transaction to be included in a block?
• What information does one leak when browsing transactions using 3rd party block explorers?
• Why is the coinbase transaction (miner's reward) spendable only after 100 blocks?