Fabien Potencier - Let's create a blockchain with PHP! - phpday 2018

Reddit Comments

I'll leave this here:

https://www.arionum.com/

👍︎︎ 1 👤︎︎ u/doppelganged 📅︎︎ Aug 09 2018 🗫︎ replies
Captions
[Music] [Applause] So today I'm going to talk about the blockchain, or blockchains, not sure if that's a word or, you know, a concept. We are going to talk about cryptocurrencies, Bitcoin, and a big warning up front: I'm not going to talk about speculation, I'm not going to argue about which coin is better than the other ones, I'm not going to tell you which ICO you need to invest in. I'm mostly interested in the technology behind blockchain, trying to understand what kind of problems it solves and if it is useful for something, you know, because apparently if you have a look at the new projects out there, most of them have a blockchain somewhere. So it looks like we have found a magic wand that is able to solve all the problems of the world. That's great news, right? And I'm a bit skeptical. So to really understand what we are talking about, what a blockchain is, what kind of problems it solves really, let's dive into the details of the Bitcoin protocol and the core technologies. So today we are going to talk about not just the concepts but about the technology behind the scenes, and we are going to try to build a blockchain with PHP, and we are going to try to build a coin, the fab coin of course, that makes sense. I think it's very valuable and I have a lot of them, and if you want some, perhaps at the end of the talk you can come to me and I can sell you some for a lot of money. Okay, so the main concepts of the blockchain are, I think, quite easy to understand. It fully comes down to a few things, and when you put them together, all of a sudden you have something that is really powerful. But you really need to understand that it was created for one use case, and it is very good to solve this use case, which is the Bitcoin or any alternative coin. So just to be clear, using a blockchain is almost never the solution for your problems. Okay, okay, so let's start now. So we're going to talk about digital money, that's the main usage of blockchains of course, and one of the very first experiments was DigiCash.
It was in 1989, I think, and it went bankrupt ten years after that, so in 1988, which is 20 years ago. So it was a first experiment, and it went bankrupt because it was probably too early, so nobody was actually using this digital money. But it was nonetheless a very interesting experiment and we learned a lot, because as soon as the company went down, the money, bam, disappeared, we are nothing. So even if you had some coins, some money, little money in DigiCash, all of a sudden you had nothing. So what we learned is that having something that is centralized does not work for a digital money, so we need something else, and of course that something else is Bitcoin, which is another experiment I would say, and it solves some problems that, you know, we had with DigiCash, and mainly centralization. So Bitcoin is really about three different concepts: the first one is identity, the second one is decentralization, and the third one is network consensus, and we are going to talk about the three different concepts today. I remember, I think it was five or six years ago, I was here downstairs somewhere doing a talk about HTTP, and back then I recommended to read the HTTP specification. I don't know how many of you have actually read the specification, the HTTP specification? Okay, I think I need to give up. The good news is that this year I'm going to recommend you to read the Bitcoin white paper. It's only eight pages long, it's very easy to read, very easy to understand, and hopefully after the talk it is going to be even easier to read. You will see the main concepts and which kind of problems Satoshi tried to fix. Okay, so talking about digital money, let's create one really quickly. I'm gonna switch to my... okay, let's have a look at the code. So I have a code here, that's plain PHP. This JSON file is where I'm going to store all the balances of everybody, so I don't have the file right now. If the file does not exist then I'm going to give me a lot of coins, and if it does exist then I'm just loading the balances. Then we have three
different methods: the first one is one to get the balance of someone, the second one is to create a user, so yeah, that's plain PHP, that looks kind of weird. If there is already balance for the user then that for for 500 or whatever, go away; if not we give the user zero coins. And then we have a method to transfer the money from someone to someone else, and of course we're trying to avoid someone getting under zero. Makes sense? I think we're done, so let's try if that works. I need to go to a browser. Okay, mmm, okay, so we are not going to try that now for a couple of reasons, and the first one is that I don't have the web server running so it's not going to work anyway. Okay, so that's an implementation of the digital money, a very simple one. There are a bunch of problems, right? Can you spot some of them very quickly? Yeah, authentication, yeah, of course authentication, but we could add some username, passwords or something like that, but of course we would need some kind of, you know, credentials. Yeah, something else? Hmm, yeah, mm-hmm. Something else? Hmm, yeah, on my machine, yeah. You trust me, right? I can steal the money very easily. If I close my laptop, money is gone. Hmm, yeah, bye-bye. So that's a lot of problems, a lot of challenges. So the first one is, I think the very first problem is that there is no blockchains, right? That's a big problem, no blockchains, it means, you know, the value is zero. It's local only, so availability and reliability is not there. Again, if I close my laptop it's gone, it's a single point of failure. Authentication, of course we could add passwords. And trust: if it was on a server, a government could ask me to shut down the server, it could, you know, shut down the server as well. So we need something that does not depend on a third party really. So the very first problem I want to talk about is availability, and I'm going to talk about that through decentralization, and that's probably the most important one, and one that made DigiCash a failure really. So removing that means that I want
something that is not depending on a central server. I want something that depends on a lot of network of servers or machines really, and I want to be able to add more servers or more machines, or remove machines, and the network should still work. So want me to do that, so we want to go from a client server that is very familiar in the HTTP world, where the state is on a centralized server and then you have clients talking to the main server, to way to a state where we have many servers talking together with a shared state. And that's the main point here: we want the state to be on every server, so that if a server leaves the network that's not a problem, right, because the state is shared on all the servers. And to do that we're going to use what we call a gossip protocol. A gossip protocol is very easy: I'm talking to Stefan, he is reading his tweet, so I'm saying something to you and then you are talking to someone else, and at some point everybody is aware of what I'm talking about. But it can take time, right, you can't attempt from the information to go from here to over there, right? So that's the main issue with the gossip protocol, and one that we are going to talk about a lot today. Okay, the great thing about the gossip protocol is that even if I am the first machine in the network, if I start to add more machines I can leave the network, that's not a problem, because everybody has all the information about the state of are all the information that we want to share between all the servers. Okay, so let's, so let's forget about money for a minute and let's take another example. Let's say that we want to share the best talk during PHP day, right? So I know that my best talk is mine, whatever. Stefan likes the talk about the Messenger component, yeah, okay. But the thing is, over time we are going to change our mind, right? The conference is not over, which means that you can change your mind, right? And we want information to be shared between all the participants. So let's create a gossip
protocol with PHP, that's the second example I have here. I'm going to close that. Okay, so I have the state, so state is a single, very simple class here. It takes a user; user is really just that, you know, when we're going to print something on the screen it's easier to understand. We have a port, that's the port I'm listening to, so we are listening to port, and then we can have a peer, a peer I need to connect to the first time. So the very first one doesn't have a peer of course, that, you know, the first machine, but then when you want to connect to network you have a port and you need to know at least one peer port. Then we have a bunch of sessions stored in a file, nothing fancy here, and then if there is a port and if I don't have a state yet then I'm updating my state, and basically if we have a look at the update main method, we get a random session and we increment version. Why do we need a version here? The thing is, it takes time to propagate the information, so if Stefan says I like the session about the Workflow component and then ten minutes later you say no, no, I like the Messenger component session more, as it takes time, I might think his best session is still Workflow but the new one is Messenger, but I know I'm not aware and someone else has already the new information. So when I get information from two different people, one is going to say okay, Stefan likes the Messenger component session more, and someone else is going to say me something else, how can I decide which information is actually the latest one? That's why I need version: I'm going to keep the latest version of the information, right? Okay, so the thing is, the network is going to be eventually consistent, and that's the key point here. Okay, and then I'm going to store my state and that's all. Okay, now I have a loop, I'm looping forever, and I'm going to communicate with each peer I know of. So at first it's going to be one peer; if it's me, not going to talk to, we're going to continue, and then we are going to encode the state and
we're going to post our state to the peer that we know. Okay, and the state here is really about my port and my peer port, so I'm going to send all the information, and of course my best session of course. Okay, so here let's have a look at what we are doing here. So we are creating a state for the user and then we are going to update our state based on their state, okay, and then we are going to send back the state of the peer, right? So if I'm communicating with Stefan, I'm going to send him my state, he is going to update his state and then he is going to send me back his updated state, right? Everything is okay. Okay, so how do we update the states, and that's the important thing here. So we iterate over all the information that we get from the peer. If it's me I'm not going to update anything of course. We are checking that the data are actually correct, and then if we know nothing about the peer then we just set a state, and also if the version is more than the current version that we know of, right, there are two possibilities. Okay, if we try to do that: so here on the left, user Fabien, that's me, and going to run gossip.sh. Basically the script is doing something really easy: it tries to find a port, an available port, starting with 8000, and then running my gossip script forever. Okay, let's try that. So I'm here, and as you can see I'm changing my mind over time about which session is the best, and you can see the version number and before the session name. Okay, I'm trying to connect now another pod, so it's going to be Ellen, and the peer is Fabien, and if everything works they are going to start to talk to each other, and at some point you can see that, you know, they know a batch about the session, the best session about the other one, right? I can add another one, and this one, Tomas, he knows about Ellen but he knows nothing about Fabien, right, but as he is going to start to talk to Ellen, Ellen is going to say okay, I know that Fabien exists, and then he is going to communicate as well with Fabien, right? Of course
I can then kill Ellen for instance, I mean the process of course, and as you can see it still works, no problem, right? I can run Ellen again and kill the first node, see, works, right? That's the gossip protocol. Okay, okay, let's go back to slides now. So what we have achieved now is fault tolerance: we can add more machines, we can remove machines, it's not a problem. The thing is, there is a problem, or there are many problems. The first one is that someone can tell me that Stefan's best session is something with a very high number for the version. If someone does that, I don't know that, you know, the guy is not Stefan, and Stefan is not going to be able to override anything because the number, the version number, is really high, right? So there is a problem, so we need some kind of authentication, but using a username and password does not work anymore. Why? Because we are sharing the state, which means that I don't want to send you the password, my password, and you don't want to send me your password. So that's a big problem, we can't use usernames and passwords anymore. So what we need to do is to find something else, and what we're going to use now is cryptographic identities. Basically what we need is a public private key, so the public key is the equivalent of the username and the private key is the equivalent of the password. There is a big difference between public and private keys and username and password, and a big difference is that there is a relationship between the public key and the private key. Okay, if I give you the public key, and the public key is public so you can share it, that's not a problem, and of course you don't need, you don't want to share the private key, that's the password really. If I sign a message, if I encrypt a message with my private key, I can send you the message and you can decrypt the message with the public key. But here I'm not that interested in encrypted messages, because the fact that I'm sending you some message is not something that I want to hide from the network,
it's public as well. What I want to be sure is that you sent the message, so what I want to be able to do is check that the person who sent the message is actually the right one. So if I can check with the public key, and the way to check that is to decrypt the message and check that the message is the same as the non-encrypted one. If the two are the same then I know that you actually signed the message with your private key, which means that nobody can actually forge that, right? If you want to forge something then it means that you have the private key of the guy; if not then the public key will not be able to decrypt the message and check that it is actually valid. Okay, the way of... yes, I have a demo of that, so let's have a look at the code. So here that it's quite simple, because with OpenSSL support in PHP there is nothing fancy to do. So the first thing I wanted to be able to do is to create or generate a pair of public and private keys, that's how you can do that, I'm returning the private key and the public key, and then a way to encrypt a message, to decrypt a message, but more importantly here I want to check that a message is valid, and to check that the message is valid I need the original message and the encrypted one and the public key, right? And if when decrypting the encrypted message with the public key I get the same value as the message, then we are sure that the message was actually signed by a private key. So here the encrypted message is more like a signature really, and not really used for encryption. So now using a thing: we generate a key pair, the public key and a private key, we have hello world as a message, we encrypt the message, we print the encrypted message, we decrypt that, and then we check that the message is valid. Okay, let's run that. So that's the public key, and by the way that's exactly what you get when you create a Bitcoin account, wallet, whatever: you have a public key, that's your public identity, and then you have a private key. The encrypted
message, which is really a signature, the decrypted message, and it is valid. Okay, okay, let's go back here. So now we have a peer-to-peer network with the gossip protocol, we know how to have an identity on the network with cryptography, but there is a problem. There is a problem because I can lie very easily: I can send something here, I can say something else there, and you will be able to check that I'm the one who actually said that because I've signed the messages, but I have sent two different information. And remember, if you are really far away in the network it's going to take time to actually propagate and to find that there is a problem. For the sessions that's not a problem; for money that's a big problem. Let's say I want to give you one coin and I'm going to give the same coin to someone else at the same time. You will be able to check that I am the one who actually sent the thing, the coin, but you won't realize the problem until you are trying to spend the coin again, and then the network is going to say no, no, the coin is not yours, it's there. Okay, so that's the double spend problem, and that's the main problem solved by the Bitcoin protocol, right? How can I be sure that a coin is not spent twice, that's the main thing. So how do we solve that? The first way to solve that is with a central bank. If you have a central bank then it's very easy: I'm going to send a message to the bank, but if I'm going to send the message twice the bank is going to say no, no, no, you already spent the coin, no way you're going to spend it again, right? But we don't want that, we want something that is decentralized. Okay, so how can we fix that? There is one way, is that when I'm signing a message I'm adding a word from the newspapers of today, so I can be sure that when you decrypt the message you can check the newspaper and be sure that it was actually signed today. It's not very practical of course, but that's one way you can solve the problem. That's another way we are going to use today of course. So
to do that we need some kind of coordination with all the nodes, and as it takes time to propagate information, if we are able to slow things down, if we are able to wait for the information to propagate everywhere in the network, you would have realized that the coin was spent twice, right? So at first what I want to do is to be able to slow things down. Remember that, and remember what people are saying about Bitcoin protocol, the thing that, you know, you can spend money really fast: that's a lie, that doesn't work, I mean right now. Okay, to do that, and that's something really great, we are going to use what we call proof of work, that's how it's called in the Bitcoin world. And so the way we are going to coordinate is that we need to wait for, we need to make transactions slower, so to do that we need a way to slow the computer that is actually sending the message or creating this transaction really, that's what we call mining. But before getting there let's have a look at how we can slow things down. Okay, one can say that using PHP is a great way to slow things down; that's not enough. So basically, so we want a CPU to do some work, so we need to find something that is really slow. A CPU is really good at solving math problems, so that's what we're going to do. I don't want you to read the screen now. So the problem we want to solve is something that is really easy to create but very hard to, to something that you can't... okay, so you have a value, you want to do something, and the result is stable, so if you have one and the same input you always have the same output. We want something that you can't guess, so if you make a slight change in the input the output is totally different, but we also don't want you to be able to go from the output back to the input, right? And that's weak, that's something we can do with hash functions, right? So if we can do something like hash 66 and hello, okay, so same input gives you the same output, if I slightly change the input the output is going to be
totally different, and there is no way you can go back from the output to the input, or at least we think so, it depends on the hash function you are using of course. But as you can see, even in PHP that's really fast, really really fast, so it doesn't solve the problem. So instead of doing that, what I want is I want to find a nonce, which is really a random string, random value, and when I'm adding the nonce to the string I want the hash to contain a number of zeros at the beginning of the hash, right? So let's try that: let's a no let's see let's be no that's the eighth one no to know yes, right, I have one zero. So I need to try a lot of things to have one zero. Now I want two zeros. Now I'm going to try the head by an instead we are going to cut something. So here to find a nonce, what we are going to do is we are going to check that the nonce is valid, and checking that is computing the hash of the message with the nonce, and if it starts with a certain number of zeros then that's okay. Let's try with three zeros, and the nonce is really just an integer that we are incrementing all the time, right? And then we have the message, hello world, and we want to find a nonce for the message. We are printing the nonce, which is really the number of iterations that we need to find something that works, and then the hash. Okay, okay, so we need 500 iterations to find a hash with three zeros at the beginning of the hash. If we ask for four zeros, oops, it's going to take more time and more iterations, and if I ask for five, takes more time. You get the point, that's it, that's exponential actually, right? That's how I can slow things down, and it means that depending on the number of zeros it is going to take more time or less time, so we can adjust the complexity depending on the number of zeros that we want at the beginning of the hash. So it's not going to work. Okay, let's go back here. So that's mining. That's not really the solution because, oops, okay, it's not a solution because I can still double spend really easily. I'm slowed down, which means
that it takes more time for me to create two transactions, but that's it, it just takes me more time. So that's not really the solution, we need something more than that, and the more than that is a blockchain at rest. So the blockchain is really just a number of blocks chained together. So in a block we have the message, we have a hash and we have the previous hash, so the list is actually linked, which means that to add a block to the blockchain you need the previous hash and you need to find a hash starting with X zeros, and the message that we want to hash is actually composed of the message plus the previous hash. Okay, and the great thing about that is that if we shuffle the blocks, the blockchain is not valid anymore, right, because the previous hash is not going to be the right one. So now we have solved the problem because we have an order, right? So if I create the first transaction, which is block 2, if I don't want to create another transaction with the same coin it's going to be block 3 after block 2, right? So we have ordering now, yeah. Okay, and that's it, that's a blockchain. A blockchain is just a linked list with hashes. It does not solve any problems other than the double spend problem, that's it. It's not a database, it's not a distributed database, it's not, right? And remember, all the nodes in the network, they have all the information, the state is shared by all nodes in the network, right? Okay, we still have some problems of course, and the problem is that I can fork the blockchain. So remember, I have block 2, I can create block 3, but I can create block 4 with the same previous hash as block 2, so I can have a fork at some point. So how can I decide that block 3 or block 4 is actually the right chain, right? And that's where everything clicks together, and that's the beauty of the Bitcoin protocol really, you will see that solving that problem is so easy. The rule is very simple: the rule is that you always keep the longer chain, the chain where there are the most blocks. Why? Because
remember, to create a block you need to spend some CPU time to compute a hash, right, which means that creating a block takes time. Now if you want to fork and you want to double spend a coin, we are a large number of people participating in the network of course, so you have the first transaction and people are going to do other transactions, so blocks are going to be added over time. If you want to fork the chain at some point, you need to keep up with the chain to be sure that you have the longest chain so that it is accepted. If you are not able to keep up, it's going to be discarded at some point because the longest chain is going to win at some point, which means that if you want to fork the chain what you need to be able to do is to have more CPUs than the rest of the network, so basically you need to have more than 50% of the computational power of the network, which is impossible, right? And that was the vision of Satoshi in his white paper: everybody should be able to participate in the network, which means that the blockchain is almost impossible. Is that the case now? No, it's not. It's not because now we have mining pools, so all the people, so you don't have the blockchain on your laptop anymore, that doesn't work, you can't mine bitcoins on your laptop anymore, that's not possible anymore, which means that we have a few big companies that have a lot of power in the network. That's why when you are doing a transaction with Bitcoin you need to wait, or that's a recommendation really, you need to wait at least for six blocks to be created after the block where your transaction is in, to be sure that the transaction is final. If not, there is always a possibility for a fork somewhere, and forks happen naturally, because in the Bitcoin world we send transactions through all the nodes and all the nodes are actually competing to create a block, which means that at some point you can find the same solution at the same time, which means that the same transaction or some transaction
are willing to be in the same blocks linked to the same previous block, but remember, the longest chain wins, which means that at some point one of the blocks is going to be discarded, right? Okay, I think we have everything we need to create a cryptocurrency, a currency in PHP. Are you excited about that? Not really? Oh. First let's have a look at a very simple blockchain. So here the proof of work is really the same class as before. Here we have a block: the block is a message, a message is something or just a string, the previous block; the previous block does not exist for the genesis block, the genesis block is the first block created in the blockchain. For the previous block we just want to keep the hash, that's all. Then we have the message and we mine the block; mining means finding a nonce that allows to have N number of zeros for the hash, and more important is the is valid method, where we are checking that the nonce is actually valid, right? So we are checking that the message plus the previous hash with the nonce actually give you a hash with the number of zeros that we are expecting, right? The blockchain now is even simpler than that, that's just an array of blocks, and you can add a block here, you give a message, it creates blocks, that's all. And checking that the block is valid is very easy: we are checking that for each block the block is actually valid, and then we also check that a previous block hash is the same as the hash of the previous block, right? Okay, so creating a blockchain: you create the first genesis block, then we add two blocks, we are checking that the blockchain is valid, and then we are trying to shuffle the blocks and check that the block is not valid anymore. So if we run that, okay, so you can see here the first block, there is no previous hash, you have the nonce, which is the number of iterations to get four zeros at the beginning of the hash, and the message. Then you have the second block, you can see that the previous block, the previous hash is the same as the hash of
the previous block, and then we have hash, and the blockchain is valid, and if we shuffle the blocks then the blockchain is not valid anymore, right? Okay, fab coin. So the block is almost the same as before; the big difference is that now we want to store transactions. Okay, so a transaction is very simple: we have a from, so that's the public key of the sender of the money, it's nullable because for the very first transaction there is no from, we are creating money out of thin air, right? Then to is the public key of the receiver of the money, the amount of coins I want to send, and a private key of the sender so that we can actually sign the transaction. What we are keeping in the state is the from, the to, the amount. We can't of course store a private key because we can't share a private key, so instead we are creating a signature, which is the encryption of the message with the private key, and the message is the from, the to and the amount. Okay, that way we can check if a transaction is valid without the private key, checking just that the message, which is the original message, and the encrypted, the signature, which is the encrypted version of the message, and we are able to decrypt this signature with the public key of the sender. If that's the case then the transaction is valid and you can't forge the transaction, right, so the transaction is not forgeable. We have the block to store the transaction, we have the proof of work to be able to create a block, the blockchain is almost the same as before, we can add now not a message but a transaction. The is valid method is exactly the same as before, except that now we are also adding something to be sure that you can't add a transaction where you are sending more money than what you have in your wallet, that makes sense, right? Okay, so I'm not going to talk about this method, it's really easy, we are just iterating over all the blocks and checking the balances. Okay, we still have the gossip protocol, same as before, so we can talk to each
other, and the state that we are going to share is composed of all the peers that you are aware of plus the full blockchain. Okay, proof of work the same, PK is the same, key is just a small abstraction for the public and private keys, and that's all. So here, remember, we had a loop and we are talking with all the peers we are aware of, we are not going to talk to us of course, and then we are giving our state and updating our state with the peer state. So the important part here is how do we update our state and especially the blockchain. So here we have origin blockchain, so that's not the first time we are actually communicating with someone, then we are updating our blockchain with their blockchain; if not we are just getting their blockchain as the initial value. So how can we update the blockchain? Very easy: if the peer has no blockchain we are doing nothing. That's the fork rule: if their blockchain is smaller than our blockchain we'll just ignore the blockchain, we don't want to have to update anything with their blockchain. If their blockchain is not valid it means that there is something going on, we don't want to update our blockchain. If that's not the case we are just overriding our blockchain with their blockchain, all right? So as you can see the code is really simple, easy, nothing fancy really, and then as before we have a small file to create a user, trying to find a port and then starting the loop. Here I also have a small fact here to be able to send money from someone to someone else. Okay, let's try that. So I'm gonna create user Fabien here, so you can see the network at the top, there is nobody. Now I have 1 million fab coins right now, and you can see the blockchain, so that's the genesis block. None means that there is no previous block... no, no, no, it's not a previous block, none is, that's the from, that's the public key of the from, there is no from because I'm creating money right now. So f STK etc, that's a small part of my public key, and then I have a million fab coins. You can see the
nonce and the hash of the transaction, of the block, sorry, the block. Now let's create another user, and it's going to be connected to fab. As before, the gossip protocol is going to do its work, so they are starting to communicate with each other, and you can see that the blockchain is the same for all users. Let's start another one, and they will all communicate together. Now I'm going to transfer some money from me to ln. I'm doing that on my node, so that's the first node, and you can see that at some point, that's eventually consistent, so we have the same information everywhere with the same blockchain, and everybody is aware of all the transactions really. If I'm trying to send a lot of money I don't have, then it's rejected by the network, right, just because the blockchain is not valid. So when someone receives a blockchain that is not valid, it's discarded, right. I could try to fake something by creating a fork node, and that's much more involving, so I don't have time to do that, but you can try to do that, trying to fork the network and having two different blockchains, and you will see at some point the longest chain is going to be right, just because more work actually happened in the longest chain.

Okay, so we are running out of time here. What you are seeing here is almost what happened in the Bitcoin protocol and in the nodes. Of course it's a simplified version of that. The main difference, or there are many differences of course, but one of them is that when you mine a block in Bitcoin you have more than one transaction in a block, right, so we get a lot of different transactions and we are trying to get them into one block. There's also a big difference, and a big difference, that training block means spending CPU time, so you need some kind of incentive to do that. So we have not talked about that, but the node that actually is able to create a new block in the blockchain gets some coins back just for the work. So we have not talked about light clients, because of course if you
are trying to use that kind of thing on your mobile phone, you can't have all the blockchain on your phone, that would not make sense, it's huge, it's big. So there is a way to actually get only part of the blockchain and still be able to check that the blockchain is valid. We have not talked about Ethereum and the fact that you can have code directly embedded into the blockchain. That's another world, I would say, that's, you know, kind of like having a virtual machine directly into the blockchain, so whenever there is a transaction some code can run and do things, and you also have some data that you can store directly into the code. So there is more to explore, but hopefully just with what we've talked about today you have a better understanding on how it goes behind the scenes, and you will probably have a good read with the Bitcoin white paper, because, you know, everything I've just talked about is exactly what is contained in the white paper really.

Okay, last time I'm going to switch to the slides. Okay, and that's a quote from me actually, yeah: that's almost never the technical answer to your current problem. How many of you have bitcoins? Okay. How many of you have bitcoins just because they are using bitcoins as a means of sending money or receiving money? Two, three perhaps, that's all. And that's the biggest problem right now: the network is really slow, so if you want to make a transaction it takes a lot of time to get a transaction actually mined and part of a block, and if you would need to wait for six blocks after that, it takes a lot of time really. And doing a transaction from a bank to another bank, especially here in Europe, it's much faster and it costs nothing; at least in France, doing a wire transfer costs nothing. That's not the case with the Bitcoin protocol: if you are sending some money to someone there are some fees associated with that, and the fees are going up just because there are so many transactions that when someone mines a block he wants to include the
transaction with the better fees really, so they can get more money. So you also have fees, that's a problem. And so there are many things that are ongoing here trying to fix those problems, and the Lightning Network thing is probably one of the most interesting ones. So if you want to learn more about Lightning Network, I really recommend you go to Google, and there is plenty of information about that, and that's pretty interesting, but it's getting more complex over time, so I'm not sure it's going to end well. Anyway, thank you very much for listening, and if you have any questions I think we still have a few minutes to do that. Thank you. [Applause] [Music] [Applause]
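The chain-update rule described in the captions above (do nothing when the peer has no chain, ignore a chain that is not longer, discard an invalid one, otherwise override), as an added PHP sketch that is not the speaker's code. The block fields, hash layout and two-hex-zero difficulty are assumptions, and signature checks are left out.

```php
<?php
// Added sketch: field names, hash layout and difficulty are assumptions, not the talk's code.
const DIFFICULTY = '00';                       // hex prefix every block hash must start with
const FIELDS = ['prev', 'from', 'to', 'amount', 'nonce', 'hash'];

function blockHash(array $b): string {
    return hash('sha256', implode('|', [$b['prev'], $b['from'], $b['to'], $b['amount'], $b['nonce']]));
}

function mine(?string $prev, ?string $from, string $to, int $amount): array {
    $b = ['prev' => $prev, 'from' => $from, 'to' => $to, 'amount' => $amount, 'nonce' => 0];
    while (strpos(blockHash($b), DIFFICULTY) !== 0) { $b['nonce']++; }   // proof of work
    return $b + ['hash' => blockHash($b)];
}

function isValid(array $chain): bool {
    $prev = null; $balances = [];
    foreach (array_values($chain) as $i => $b) {
        if (!is_array($b) || array_diff(FIELDS, array_keys($b))) return false;  // malformed block
        if (!is_int($b['amount']) || $b['amount'] <= 0) return false;
        if (!is_string($b['to']) || !($b['from'] === null || is_string($b['from']))) return false;
        if (!is_string($b['hash']) || !hash_equals(blockHash($b), $b['hash'])) return false; // tampered
        if (strpos($b['hash'], DIFFICULTY) !== 0) return false;                // no work done
        if ($b['prev'] !== $prev) return false;                                // broken link
        if ($b['from'] === null) {
            if ($i !== 0) return false;              // only the genesis block creates money
        } else {
            $balances[$b['from']] = ($balances[$b['from']] ?? 0) - $b['amount'];
            if ($balances[$b['from']] < 0) return false;   // spending coins the sender lacks
        }
        $balances[$b['to']] = ($balances[$b['to']] ?? 0) + $b['amount'];
        $prev = $b['hash'];
    }
    return true;
}

function updateChain(array $ours, ?array $theirs): array {
    if (empty($theirs)) return $ours;                   // peer has no blockchain
    if (count($theirs) <= count($ours)) return $ours;   // not longer (keeping ours on a tie is this sketch's choice)
    if (!isValid($theirs)) return $ours;                // invalid chains are discarded
    return $theirs;                                     // longer and valid: override
}

// Constructed sample data: one honest transfer, one overspend by a peer with no coins.
$genesis = mine(null, null, 'fab', 1000000);
$honest  = [$genesis, mine($genesis['hash'], 'fab', 'ln', 100)];
$forged  = [$genesis, mine($genesis['hash'], 'ln', 'fab', 5000000)];
echo count(updateChain([$genesis], $honest)), " block(s) kept after the honest peer\n";
echo count(updateChain([$genesis], $forged)), " block(s) kept after the forged peer\n";
```

Validation replays every balance from the genesis block, so a longer chain that overspends is rejected even though its hashes and proof of work are correct.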
Info
Channel: GrUSP
Views: 4,884
Keywords: GrUSP, PHP, phpday, code, development, blockchain
Id: 2FBHiz7ANEI
Length: 52min 26sec (3146 seconds)
Published: Mon Aug 06 2018