Explore
For Enterprise
Join for Free
Log In

艺术与人文
商务
计算机科学
数据科学
信息技术
健康
数学和逻辑
个人发展
物理科学与工程
社会科学
语言学习
學位和證書

瀏覽 Coursera 的全部課程

瀏覽
搜索
企業版
登錄
免費加入

What Can We Decentralize?

Loading...

比特币和数字货币技术

普林斯顿大学

4.7（1,980 個評分） | 340K 名學生已註冊

To really understand what is special about Bitcoin, we need to understand how it works at a technical level. We’ll address the important questions about Bitcoin, such as: How does Bitcoin work? What makes Bitcoin different? How secure are your Bitcoins? How anonymous are Bitcoin users? What determines the price of Bitcoins? Can cryptocurrencies be regulated? What might the future hold? After this course, you’ll know everything you need to be able to separate fact from fiction when reading claims about Bitcoin and other cryptocurrencies. You’ll have the conceptual foundations you need to engineer secure software that interacts with the Bitcoin network. And you’ll be able to integrate ideas from Bitcoin in your own projects. Course Lecturers: Arvind Narayanan, Princeton University All the features of this course are available for free. It does not offer a certificate upon completion.

查看授課大綱

您將學習的技能

Bitcoin Network, Blockchains, Cryptocurrency, Bitcoin

審閱

4.7（1,980 個評分）

5 stars
1,504 ratings
4 stars
375 ratings
3 stars
71 ratings
2 stars
20 ratings
1 star
10 ratings

LB

Jan 15, 2017

I find this course prepared very well. There are many perspectives and this course does not concentrate on the technology only. I find this course very helpful. The level is more then just beginner.

AG

Feb 08, 2017

Loved this course! It was very thorough. However I think assignments could have been made more clearer as it was often hard to figure out what needed to be done without checking discussion forums.

從本節課中

The Future of Bitcoin?

The use of Bitcoin technology for decentralizing property, markets, and so on has been hailed as a recipe for economic and political disruption. We'll look at the technological underpinnings of these proposals and the potential impact on society.

The Block Chain as a Vehicle for Decentralization14:56

Routes to Blockchain Integration28:24

What Can We Decentralize?24:09

When Is Decentralization a Good Idea?16:15

教學方

Arvind Narayanan
Associate Professor

腳本

So we’ve talked a lot about how to decentralize.

Now I’m going to give you a taxonomy of the different things

that we can decentralize.

At least, we know technical solutions for how to do these things.

And this is where a lot of the excitement is around for

using block chain technologies.

So the first category is things that are purely digital.

And perhaps the most basic example of this is name mapping, what do I mean by this?

Name coin is a good example.

It's a mapping between human readable names and addresses.

And so as long as you have something that's purely digital,

it's a simple matter to use consensus technologies so

that different participants can enter new values into the system,

change values and so on, or read values back, and

the block chain can be used as a record of the current state of that mapping.

So the next two are storage and proof which we've seen earlier in this lecture,

storage A and the paper proof idea that we saw earlier.

These are sort of complements of each other.

One is paying for storage, of course, and the other is paying for computation.

You can also have random number generation.

What does this mean?

This is something you saw in a previous lecture, using Bitcoin as a beacon.

So a beacon is something that ahead of time nobody should be able to predict.

But once the beacon value has been generated everybody should be

convinced that the value is in fact generated truly randomly.

So again, bitcoin is a good vehicle for doing that.

And lotteries, at least if you were talking about lotteries where the payment

and payout is denominated in the currency of the block chain itself.

Then running a lottery reduces to a random number generation problem of picking one

of two input addresses of a transaction to use as its output address,

basically that's what it translates to.

And so you have a centralized bitcoin lottery systems like Satoshi Dice, but

certainly it's fairly easy to imagine doing these in a decentralized manner

as well.

Let's move on to the next category,

which is things that aren't inherently digital but can be represented digitally.

This is a big category, real-world currencies of all kinds, stocks bonds and

other assets and so on.

This is where perhaps a huge amount of the excitement is of

how to use block chains for other things.

And so what does this mean?

Let's look at colored coins as one example of the specific mechanisms that

you might use for decentralization.

If a particular color were to represent a particular currency and

some other color were to represent a stock of a particular company, etc., etc.,

then you have all these assets that you can transfer between participants and

you can pay for and so on.

And so you have trading of any of these assets, and also you could have

atomicity between the trade of the asset and the transfer of payment.

That all sounds well and good, but here's the real problem.

What is the mechanism to ensure that what you're calling one dollar

in terms of colored coins is actually worth one dollar.

That could happen if some banker or

consortium of banks agrees that they will back, using

their deposits to there physical bank accounts, the corresponding colored coin.

If there is some entity that promises that one to one pegging, then you're good.

Similarly, if there is a company that agrees to actually release stock

in a digital form or agrees that they will treat that digital stock as equivalent

to their physical or real world stock, then you're good.

But otherwise all that you've done is invented some new

thing that you're simply calling dollars, for example, but

whose price is floating freely with respect to actual dollars.

So in other words, you've just invented a new currency, and

inventing a new currency is not an accomplishment at this point and

in fact we have a surfeit of these things using block chain technologies.

And so, that's the real challenge here.

It's not so much representation, but this economic problem

of actually ensuring an equivalence to the real world analog of this.

And, most of the proposed solutions for this don't solve that harder a problem,

except maybe one, which we'll look at near the end.

Let's look at the third category, which is property ownership and

trade, which is what we started by looking at.

We can decentralize that using smart property and atomic exchange, and

these two are ownership and trade related.

They're not quite the same thing, but you can't completely separate them either.

And hopefully, the discussion at the beginning of the lecture has given you

a good understanding of how to decentralize this.

Now, the fourth category is going to be more complex contracts.

Trade can be thought of as a very simple contract.

You give me this object in exchange for a certain amount of money, but

you can have more complex contracts like crowd funding, which is also something

we've seen, but also financial derivatives which is another big area of excitement.

So what are financial derivatives?

Derivatives have an underlying asset and the value of the derivative

depends in some way on the price movements of the underlying asset.

The key thing about a derivative you can think of it as sort of a conditional

statement that depends upon the price of the underlying asset

some time in the future and so forth.

And using this kind of language, you can express quite complex statements.

An example would be you can have a contract between two parties that says,

for this asset, if the value goes beyond $5 past a certain date, then for

every dollar that it rises above $5, you owe me $2.

So that would be a way to hedge your belief that the value of this asset is not

gonna rise beyond $5.

So again, you can do financial derivatives using some of these systems, especially

some of the more expressive altcoin-based systems are a great vehicle for this.

Now one nuance to note is that

these conditional statements depend upon the price of the underlying asset.

And so whatever script or other mechanism that you have in your block chain system

that depends upon this price should have a secure way of knowing what this price is.

And this is called a data feed that you saw a bit earlier,

we're gonna see again later in this lecture.

But one possible way of getting around this need for

a data feed is if the underlying asset itself is traded on the same block chain

using the asset decentralization idea that we saw a couple of slides earlier.

And so, if that is happening, then some sort of price discovery might be possible,

but again you have to worry about whether this price that you are discovering

through the block chain itself is reliable or whether it could be hacked by somebody

creating artificial transactions and taking both sides of it, for example.

So, this is all not quite fully understood, but there is a lot of

excitement around it, a lot of proposals, and it is certainly possible that

some time into the future this is going to get much better worked out and

we might have some sort of working system for trading in these things.

So the next one is something that's even more in the sort of vague idea or

proposal stage but

also there's a lot of excitement, which is decentralized markets.

So let's talk about markets and auctions for a second.

Let's forget about decentralization.

Let's look at some real world examples of things that act as markets and

see exactly what features they provide in order to gain a better understanding of

what it means to decentralize things.

In fact, let's look at four examples.

A used bike store is basically where you go and sell your bike and

so you have a separate transaction with them, selling your bike for money.

And then they have a separate transaction with somebody else,

reselling that bike and you don't directly interact with the person who

eventually rides away with your bike.

So that's one model.

Another model is eBay, which only matches participants and routes payments.

PayPal is a payment processor.

They don't match participants, but

another function they perform is that they do a limited level of dispute mediation.

And finally, you have the Craigslist model where they're not actually involved in

the exchange at all in any way, except for matching participants together.

So we've identified several different functions that these

markets give participants, and let's see what we know so far about how to

decentralize each of these functions, and what to do about the rest of them.

So the most obvious one is payments, and of course we have crypto currency for

doing those.

We have transfer of actual goods, which we can use smart property for.

Further, we can leverage atomicity to couple

the transfer of ownership of goods with the transfer of the payment.

And we know how to do a limited form of dispute

mediation using this escrow process.

But what we have not seen so far at all is how to match participants who want to take

different sides of a trade.

And that's what I want to tell you about now.

So now I'm gonna show you a not fully fleshed out idea, but

hopefully enough to give you an intuition.

An idea for how to do this kind of decentralized matching.

Let's go back to the car example, let's say Alice wants to sell a car.

What she's going to do is she'll create a transaction, a partial transaction,

not a fully complete one yet, that contains the necessary information for

transfer of ownership, as well as the sale price that she wants,

the minimum price that she'll accept, and broadcast it onto the network.

It's not a complete transaction yet, it won't get onto the block chain, but

it will get broadcasts nevertheless.

Now the counterparty, someone who wants to buy the car,

is going to find the transaction, determine that it meets their criteria for

a car that they want to buy.

Perhaps this transaction has encoded information that has a webpage or

just within the encoding itself,

all the things you need to know about the car that you want to buy.

So as I said, it's not a fully fleshed out idea.

So this counterparty completes the transaction, they sign it, and

then they broadcast it once again out to the network.

At this point, the transaction is complete.

It has all the information that it needs to get onto the block chain.

And so the transaction is automatically complete.

Of course, this is a bit of a crude idea.

It's hopefully enough for you to get the picture.

One wouldn't necessarily want to do it this way.

For one, it's very inefficient.

Every partial transaction that represents somebody wanting to sell something,

needs to be broadcast to everybody in the network.

But other than that, there's not a whole lot of control in the matching process.

But it's something,

it's a basic way to decentralize this idea of the buyer finance seller.

There is a variance you can use, which is that instead of partial

transactions being broadcasted onto the P2P network,

you can have partial transactions under your chosen representation.

But nevertheless,

are complete transactions in terms of the underlying encoding unto Bitcoin.

And so you could have these offers for the car, for example,

be an actual complete Bitcoin transaction that gets onto the block chain.

And so

only when it gets into the block chain will it get noticed by potential sellers,

and then they will continue to process that and take you to the next stage.

A variant of this is the auction,

where you create your transaction in such a way that the buyer cannot simply

complete the transaction broadcasted onto the network and finalize it.

Instead what they'll have to do is they'll have to assign it and then return it back

to the seller or the auction creator, who will then further need to

sign the transaction in order to be fully valid, to then complete that transaction.

And this allows the seller to acquire different bids

from different potential buyers and pick the one that she likes best.

Another interesting variant of this is the double auction.

A double auction happens when you're buying and selling stocks, for example,

where it's, the offers are coming from both sides, the offers and bids.

And so what you need is some party in the center that's matching these offers and

bids together.

So one way in which you can achieve that is you can actually have the miners to

match these orders that are being broadcast onto the P2P network.

And you can allow the miners to keep the bid-ask spread,

which is the difference between the bid and the ask.

And one good property of doing it this way is that It avoids miner front-running.

What does that mean?

It means that when the miner finds a really good offer,

then they can ignore the bid that's coming from some other participant in

the network, create their own bid, and complete the transaction, and

get a better deal than they otherwise might have.

All right, so now lets move on to data feeds.

We looked at this a little bit earlier let's look at it in a bit more detail,

you've also seen it in a previous lecture.

Data feeds are a way for

what we'll call arbiters to assert real world facts into the Bitcoin block chain.

And there are some very natural applications of this.

If you have a feed of price movements that allows you to implement derivatives,

if you have feeds representing outcomes of events,

that allows you to implement prediction markets and so on.

So data feeds are not necessarily interesting for their own sake, but for

the things that they can help you implement.

So allowing these arbiters to assert these facts is already a step better than

having a single designated entity that's going to create all of these data feeds.

So this is a form of decentralization in the sense of competition between arbiters.

And this is what we saw in the example of decentralizing prediction markets.

There are also other means that one can use in order to improve security here.

You can use trusted hardware.

For example, you could write a script that parses finance data, for example,

from finance.google.com, and uses that to create a data feed of stock movements.

And what you can do is you can put that on trusted hardware, so

that anybody can verify that the script is actually doing what it's claiming to do.

This still leaves other things that you have to take on trust, for

example, that Google is not lying to you or

somebody is not tapping the connection between the script and Google.

You have to rely on HTTPS for security, etc.

So those are not perfect solutions.

There are no perfect solutions here.

Ultimately, data feed require somebody to actually do the active importing from

the real world into the block chain, but here's something interesting we can do.

With data feeds we can have a threshold of different arbiters.

And that's particularly useful because inherently there are big incentives to lie

for these arbiters when the data feeds that they're putting onto the block chain

affect the outcome of contracts, for instance.

So what do I mean by a threshold of arbiters?

Let's look at a concrete example.

Here is one way to implement a data feed.

A centralized version, or a somewhat centralized version where you still have

individual arbiters as competition between arbiters and so on.

How that might work is, let's say there is an event E with outcomes X, Y, and

Z, corresponding to maybe the presidential election or something like that.

Then this event E corresponds to this transaction in the block chain.

Everybody agrees upon this representation.

And when an outcome happens, this transaction will be transferred to one of

three different addresses corresponding to X, Y, and Z.

And of course it'll be signed,

this transaction will be signed by the arbiter A.

And by looking at which public here, which address

the transaction was then transferred to, you can figure out which outcome happened.

So this is one way of implementing a data feed.

How can we decentralize this data feed in terms of a threshold of arbiters?

Let's say we want these arbiters to be able to declare an outcome

only if two of three such designated arbiters agree that X is

actually the outcome that happened, and not Y or Z.

So how can we implement that?

Recall that Bitcoin has a multi-signature feature.

So what we would do is, we would make sure that this transaction output is a two out

of three multi-signature address that is controlled by these three different

arbiters, A, B, and C, each of them has one of the corresponding private keys.

And so only if two of them agree, let's say A and

C, then they will be able to create this transfer transaction.

So that's a way of decentralizing this notion of a data feed so

now we can go back to the picture that we had earlier

of the spectrum of levels of decentralization.

So now we've seen an example of what it means to have a threshold of

intermediaries which is a distinct concept from having multiple,

competing intermediary.

Let's now move on to another thing you can use launching

technologies to decentralize.

This is something there has been a huge amount of hype about,

called autonomous agents.

What are autonomous agents?

Different people have proposed this and so in different conceptions

there have been different sets of features that have been proposed.

But here is a good set to focus on.

One is that these agents will be able to enter into contracts with other

participants.

They will have data feeds from the real world as a way of having

real world input into these contracts.

And these agents might perhaps have shareholders,

or some other manner, in which humans can

vote in order to change the rules by which the agent operates.

So that's a key distinguishing factor for many of the ideas that we've seen before.

And some variance of this notion of an agent also has some idea of reproduction,

mutating the code and improving with time, etc.

This is again quite hypothetical concept.

There are a number of challenges to realizing this in practice.

One challenge is going to be is this agent something that needs to keep private

state, or

is it something that will truly execute on a transient basis on the minor notes?

And if it does need to keep private state where is that going to come from and

how can we decentralize that?

And is it even meaningful to talk about decentralizing it?

Another challenge is this funny problem of a sort of hostile takeover.

If there is this notion of voting to change the rules then is it possible that

whatever constitutes the shares of ownership of these agents, somebody could

buy it up, acquire 51% of the shares and then vote to change the rules.

So that all of the agents of the asset, for

example, will be transferred to this party who's doing the hostile takeover.

And this is a problem should there be defenses against this.

So there are a number of open questions here.

I will make one point, though.

People call these decentralized autonomous agents, the decentralized version of this.

They also call it decentralized autonomous corporation.

This is not a technology that I like very much.

I feel that this vision of decentralized agents misses all of the important or

assailant features of a corporation which is all the legal

backing that goes into it.

And so it gives it a certain kind of rights and

responsibilities in the real world where as we're in this parallel universe where

everything has to be defined and enforced by technology so

I don't feel it makes allot of sense to call it a corporation.

Agent is the term I prefer.

All right here's the final category that I want to tell you about.

And this is quite interesting because at first sight it might look like

there's really no way of achieving decentralization here.

So what are we talking about?

Exchanges.

What do I mean by exchanges?

It's all well and good to represent some sort of colored coin for

example as representing US dollars and then to trade that.

But ultimately, if you want actual exchange between whatever you're

calling US dollars and real world US dollars, you need something more, and

that can be illustrated using this problem.

Alice would like dollars in exchange for

Bitcoins, and Carol would like the opposite.

It seems like they should be able to trade with each other,

but there is no real way of doing it over the Internet

in a situation where they don't trust each other.

Because one of them has to send the other Bitcoins and

then hope that this person is going to mail them cash or use PayPal or

whatever other way of transferring real money.

What do we do about this?

Well, maybe they have a mutual friend Bob, then this simplifies things a lot.

What they can do is Alice can have a separate transaction with Bob.

And since Alice and Bob are friends, Alice can send Bob Bitcoins,

and trust Bob to send dollars over some other mechanism.

Or even meet in person later and send dollars.

And then Bob can do a similar transaction with Carol.

So this intermediary has neatly solved the problem.

But this still seems to have a lot of limitations because

they need to have this mutual friend with each other.

What if they're on opposite sides of the world?

So here's how we can solve that.

First of all, we can make this a bit more efficient.

Instead of calling this a transaction where Alice sends Bob Bitcoins and

Bob sends US dollars back to Alice.

What we can say is that Bob simply sends Alice some kind

of digital token representing the fact that he now

owes her some amount of money, let's say $100.

And we know really well how to do this,

this is exactly the same as some sort of digital asset.

We know how to represent this in a variety of black chain based technologies.

And similarly, Bob could have this transaction with Carol, so the only thing

that would actually happen is Bitcoin's changing hands, as well as this

new relationship of debts being represented in the system.

So this gives us a starting point for

scaling this up to an arbitrary scale, even to the scale of the whole world.

Let's imagine a social network that represents the trust relationship between

all pairs of friends, and so what could happen here is there could be a complex

chain of interactions through which a node here exchanges Bitcoins

with a node here in exchange for US dollars or whatever currency.

And it would simply be represented in the system as a series of IOUs.

And what would make all this work is that in the system, pairs of friends must

pre-declare how much debt they're willing to extend to each friend they have.

So Alice might be willing to trust Bob to owe her $100 and

be confident that he repay her that amount.

She might have a different relationship with Dave and other users, and so on.

Another neat feature of this whole system is that if there are a variety of these

debts that are expressed in terms of the edges of this graph.

Let's say you have a triangle of users successively owing each other.

Then you might be able to simply cancel out that debt within the system.

And so if you have a reasonable number of trust relationships,

and if you have a good amount of liquidity in the system,

you might be able to go a long time and keep doing a lot of these transactions and

not accrue too much debt overall in the system.

Because a lot of these debts are going to cancel out in the long run.

So that could make the system quite efficient in the long run.

So this is a simplified version of what Ripple does.

Ripple is what you might call an Altcoin, but it's a bit more than that.

It has its own consensus mechanism.

It's not exactly based on proof of work, but this notion of trust relationships and

IOUs is something that's central to Ripple, and what it allows you to do

is disintermediate the notion of currency exchange.

So in other words, we've decentralized a currency exchange in the sense of

disintermediation using an Altcoin and

the key property that we've used, earlier we saw atomicity and so forth.

We used none of that here.

We used something different.

We started with a limited amount of trust and

we used the transitive property of trust to take that

up to the level where it can scale to all of the participants in the world.

And in Ripple as it currently exists, at least as I understand it, most of

these participants are not individuals but instead banks and other institutions.

But you can certainly imagine the exact same kind of network working for

individuals as well.

探索我們的目錄

免費加入並獲得個性化推薦、更新和優惠。

Coursera 致力於普及全世界最好的教育，它與全球一流大學和機構合作提供在線課程。

© 2019 Coursera Inc. 保留所有權利。

通過 App Store 下載

通過 Google Play 獲取

Coursera
關於
管理團隊
工作機會
目錄
證書
MasterTrack™ 證書
學位
企業版
政府版

社區
Learners
Partners
Developers
Beta Testers
Translators

連接
博客
Facebook
領英
Twitter
Instagram
YouTube
技術博客

更多
條款
隱私
幫助
內容訪問
媒體
聯繫我們
目錄
附屬公司