Imagine yourself to be a University Dean in the position of creating a new course on blockchains. To which department would you assign the course?

• computer science or mathematics?
• economics or political science?
• sociology or philosophy?

In fact, any of these departments would be appropriate.

• blockchains today are still cutting edge and mysterious, but one day they will be as ubiquitous as Internet and Web
• one day many academic departments will offer courses on them, each with their own particular viewpoint

• a distributed system
• using cryptography
• to secure an evolving consensus
• about a token with economic value

• mathematics (cryptography)
• computer science (distributed systems)
• economics (exchange of tokens with economic value)
• politics (mechanisms for reaching consensus)

Blockchains are both technological and social movements, yet very few people have both backgrounds.

• those who come from technical backgrounds sometimes fall in love with the novel technology inside blockchains and ignore the social aspects entirely
• this leads to projects that solve useless problems that no one actually has
• those who come from social backgrounds are sometimes unable (or unwilling) to understand the technological aspects of blockchains
• this leads to projects that are fundamentally unsound

• the origins of blockchain go back to the crypto-anarchism and cypherpunk movements of the late 80s
• crypto-anarchists and cypherpunks advocate widespread use of strong cryptography in an effort to protect their privacy, their political freedom, and their economic freedom
• these movements in turn take the roots from anarcho-capitalism, a political philosophy and economic theory that advocates the elimination of centralized states in favor of self-ownership, private property and free markets
• which in turns refers to Laissez-faire (listen), an economic system in which transactions between private parties are absent any form of government intervention

The Crypto Anarchist Manifesto by Timothy C. May dates back to mid-1988 and was distributed to some like-minded techno-anarchists at the Crypto ’88 conference:

Combined with emerging information markets, crypto anarchy will create a liquid market for any and all material which can be put into words and pictures. Timothy C. May, Crypto Anarchist Manifesto

The following excerpt from the Cypherpunk Manifesto by Eric Hughes is particularly telling since it contains, 30 years before, all ingredients of modern blockchain technology:

We the Cypherpunks are dedicated to building anonymous systems. We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money. […] Cypherpunks write code. We know that software can’t be destroyed and that a widely dispersed system can’t be shut down. Eric Hughes, Cypherpunk Manifesto

• the technical specification of blockchain was proposed in 1991 by Stuart Haber, a cryptographer, and Scott Stornetta, a physicist
• they published their work in The Journal of Cryptography in 1991 under the title How to Time-Stamp a Digital Document and one year later they registered it with a US patent

Haber and Stornetta were trying to deal with the epistemiological problem of truth in the digital age:

The prospect of a world in which all text, audio, picture and video documents are in digital form on easily modifiable media raises the issue of how to certify when a document was created or last changed. The problem is to time-tamp the data, not the medium. Haber and Stornetta, How to Time-Stamp a Digital Document

Blockchain is much more than a technology, it is also a culture and community that is passionate about creating a more equitable world through decentralization.

We are now entering a radical evolution of how we interact and trade because, for the first time, we can lower uncertainty not just with political and economic institutions but with technology alone. Bettina Warburg

The numerous components of blockchain technology can make it challenging to understand.

However, each component can be described simply and used as a building block to understand the larger complex system.

1. blocks
2. hash
3. chain
4. proof of work
5. transactions
6. digital signature
7. peer-to-peer

The building blocks of a blockchain are… blocks.

A block is a container for data

In its simplest form it contains:

• an identification number
• a timestamp of block creation
• a bunch of data (usually, transactions)

genesis_block = list(number = 0,
                     timestamp = "2009-01-03 18:15:05",
                     data = "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks")

• each block has a fingerprint called hash that is used to certify the information content of the block
• hashes of blocks are created using cryptographic hash functions, that are mathematical algorithms that maps data of arbitrary size to a bit string of a fixed size
• a popular hash algorithm is SHA-256, designed by the United States National Security Agency (NSA)
• it uses a hash of 256 bits (32 bytes), represented by an hexadecimal string of 64 figures
• \(2^{256} \approx 10^{77}\) is huge (more or less the estimated number of atoms of our universe), an infinite number for any practical purposes

The ideal cryptographic hash function has five main properties:

• it is deterministic so the same message always results in the same hash
• it is quick to compute the hash value for any given message
• a small change to a message should change the hash value extensively
• it is infeasible (but not impossible) to generate a message from its hash value
• it is infeasible (but not impossible) to find two different messages with the same hash value

# load library
library(digest)

# hash a string
digest("Così tra questa immensità s'annega il pensier mio: 
       e il naufragar m'è dolce in questo mare", "sha256")

## [1] "721956f9e4d4a31524ec94bc9926445c81228b96129132745a362eca8d016154"

# hash a slightly different string
digest("Così tra questa infinità s'annega il pensier mio: 
       e il naufragar m'è dolce in questo mare", "sha256")

## [1] "0095d410ee1935a163891970ee2606f2031238ac7adf839fe02d3353162cf5a0"

• blocks are chronologically concatenated into a chain by adding to the block a field with the hash of the previous block in the chain
• it follows that the hash of each block is computed using also the hash of the previous block
• this means if you alter one block you need to modify not only the hash of it but that of all following blocks for the chain to be valid
• the first block of the chain is called the genesis block and represents the initial state of the system (Bitcoin genesis block, Ethereum genesis block)

mine <- function(previous_block, genesis = FALSE){
  if (genesis) {
    # define genesis block
    new_block <- list(number = 0,
                      timestamp = Sys.time(),
                      data = "I'm genesis block",
                      parent_hash = "0")  
  } else {
    # create new block
    current_number = previous_block$number + 1
    new_block <- list(number = current_number,
                      timestamp = Sys.time(),
                      data = paste0("I'm block ", current_number),
                      parent_hash = previous_block$hash)
  }
  # add hash 
  new_block$hash <- digest(new_block, "sha256")
  return(new_block)
}

chain = function(nblocks) {
  # mine genesis block
  block_genesis <- mine(NULL, TRUE)   
  
  # first block is the genesis block
  blockchain <- list(block_genesis)

  if (nblocks >= 2) {
    # add new blocks to the chain
    for (i in 2:nblocks){
      blockchain[[i]] <- mine(blockchain[[i-1]], FALSE) 
    }
  }
  
  return(blockchain)
}

chain(nblocks = 3)

## [[1]]
## [[1]]$number
## [1] 0
## 
## [[1]]$timestamp
## [1] "2020-04-02 14:11:42 CEST"
## 
## [[1]]$data
## [1] "I'm genesis block"
## 
## [[1]]$parent_hash
## [1] "0"
## 
## [[1]]$hash
## [1] "b5eeb3c562f792b32eef6beb2b49811144d5bd82776ae1c3da0ef21454fb47f8"
## 
## 
## [[2]]
## [[2]]$number
## [1] 1
## 
## [[2]]$timestamp
## [1] "2020-04-02 14:11:42 CEST"
## 
## [[2]]$data
## [1] "I'm block 1"
## 
## [[2]]$parent_hash
## [1] "b5eeb3c562f792b32eef6beb2b49811144d5bd82776ae1c3da0ef21454fb47f8"
## 
## [[2]]$hash
## [1] "ad2ff4ea8809d4441a0ce2f791a50b59bda6d27769188ec92821357224909fea"
## 
## 
## [[3]]
## [[3]]$number
## [1] 2
## 
## [[3]]$timestamp
## [1] "2020-04-02 14:11:42 CEST"
## 
## [[3]]$data
## [1] "I'm block 2"
## 
## [[3]]$parent_hash
## [1] "ad2ff4ea8809d4441a0ce2f791a50b59bda6d27769188ec92821357224909fea"
## 
## [[3]]$hash
## [1] "0dc117c2cfdbdeaecb3857d78f7b4af636ef69ac8e707b3fb206b0a7b5670686"

• the Byzantine Generals Problem is a computer-related problem consisting in finding an agreement by communicating through messages between the different components of the network
• this is a problem that was theorised by the mathematicians Leslie Lamport, Marshall Pease and Robert Shostak in 1982, who created the metaphor of the generals
• several generals are on the verge of attacking an enemy city during a siege. They are located in different strategic areas and can only communicate via messengers in order to coordinate the decisive attack
• however, among these messengers, it is highly probable that there are traitors. The traitors carry messages that contradict the army’s strategy
• the problem, therefore, lies in the ability to carry out the attack effectively despite the risk of treason. This is known as decentralised consensus
• the problem faced by the Byzantine generals is the same as that faced by distributed computing systems. How to reach a consensus on a distributed network where some nodes may be faulty or voluntarily corrupted?
• proof of work is the solution proposed by Satoshi Nakamoto for Bitcoin

• hash alone is not enough to prevent tampering, since hash values can be computed fast by computers
• a proof of work method is needed to control the difficulty of creating a new block
• to mine (create) a new block you have to find a solution to a computational problem that is hard to solve and easy to verify
• this is a cryptographic puzzle that can be attacked only with a brute-force approach (trying many possibilities), so that only computational power counts
• one CPU one vote is blockchain democracy

• typically, the proof of work problem involves finding a number (called nonce) that once added to the block is such that the corresponding block hash starts with a string of leading zeros of a given length called difficulty
• the average work that a miner needs to perform in order to find a valid nonce is exponential in the difficulty, while one can verify the validity of the block by executing a single hash function
• miners tend to organize themselves into pools whereby they work together in parallel and split the reward
• available computing power increases over time, as does the number of miners, so the puzzle difficulty is generally increasing, so that the mining frequency is approximately constant
• the amount of energy used for the mining process is not trivial: it is estimated that Bitcoin mining consumes as much electricity as Denmark

proof_of_work = function(block, difficulty) {
  block$nonce <- 0
  hash = digest(block, "sha256")
  zero = paste(rep("0", difficulty), collapse="")
  while(substr(hash, 1, difficulty) != zero) {
      block$nonce = block$nonce + 1
      hash = digest(block, "sha256")  
  }
  return(list(hash = hash, nonce = block$nonce))
}

proof_of_work(genesis_block, 1)

## $hash
## [1] "047a64e2b4e9b1a410e3000137388b87bd5a81cc4f123e31b955165e9f43696d"
## 
## $nonce
## [1] 6

proof_of_work(genesis_block, 2)

## $hash
## [1] "003722bfa5f44c1feb4cb378c3c9ef81c296aad19b45cb276895205445cf52db"
## 
## $nonce
## [1] 456

proof_of_work(genesis_block, 3)

## $hash
## [1] "0001d5bd9509cf12da2fece9045768d474064bc7b587332c8b19cd57b937aab4"
## 
## $nonce
## [1] 2222

proof_of_work(genesis_block, 4)

## $hash
## [1] "00009859981b96f9db1ef9ad0b231579859d40f793dc76436adf9f20d5042112"
## 
## $nonce
## [1] 98060

mine <- function(previous_block, difficulty = 3, genesis = FALSE){
  
  if (genesis) {
    # define genesis block
    new_block <-  list(number = 0,
                       timestamp = Sys.time(),
                       data = "I'm genesis block",
                       parent_hash = "0")  
  } else {
    # create new block
    current_number <- previous_block$number + 1
    new_block <- list(number = current_number,
                      timestamp = Sys.time(),
                      data = paste0("I'm block ", current_number),
                      parent_hash = previous_block$hash)
  }
  
  # add nonce with proof of work
  new_block$nonce <- proof_of_work(new_block, difficulty)$nonce
  
  # add hash 
  new_block$hash <- digest(new_block, "sha256")
  return(new_block)
}

chain = function(nblocks, difficulty = 3) {
  # mine genesis block
  block_genesis = mine(NULL, difficulty, TRUE)   
  
  # first block is the genesis block
  blockchain <- list(block_genesis)

  if (nblocks >= 2) {
    # add new blocks to the chain
    for (i in 2:nblocks){
      blockchain[[i]] <- mine(blockchain[[i-1]], difficulty) 
    }
    
  }
  
  return(blockchain)
}

chain(nblocks = 3)

## [[1]]
## [[1]]$number
## [1] 0
## 
## [[1]]$timestamp
## [1] "2020-04-02 14:11:47 CEST"
## 
## [[1]]$data
## [1] "I'm genesis block"
## 
## [[1]]$parent_hash
## [1] "0"
## 
## [[1]]$nonce
## [1] 2767
## 
## [[1]]$hash
## [1] "00072a6bfe3dd5e9d095e2520aa1bcde75183cb02aeef262e862c8799c272c27"
## 
## 
## [[2]]
## [[2]]$number
## [1] 1
## 
## [[2]]$timestamp
## [1] "2020-04-02 14:11:47 CEST"
## 
## [[2]]$data
## [1] "I'm block 1"
## 
## [[2]]$parent_hash
## [1] "00072a6bfe3dd5e9d095e2520aa1bcde75183cb02aeef262e862c8799c272c27"
## 
## [[2]]$nonce
## [1] 6643
## 
## [[2]]$hash
## [1] "0006bb284ca31067a8cd0b68ef34cb9ffe4e57542d1587f3e56206144be66b66"
## 
## 
## [[3]]
## [[3]]$number
## [1] 2
## 
## [[3]]$timestamp
## [1] "2020-04-02 14:11:48 CEST"
## 
## [[3]]$data
## [1] "I'm block 2"
## 
## [[3]]$parent_hash
## [1] "0006bb284ca31067a8cd0b68ef34cb9ffe4e57542d1587f3e56206144be66b66"
## 
## [[3]]$nonce
## [1] 277
## 
## [[3]]$hash
## [1] "000e5157b7490f871c0cda9063a0af5582af66628d8a01459548044be26af04a"

• a block contains a header with metadata (like block number and timestamp) and a data field with a certain number of transactions
• a transaction represents an interaction between parties, typically a transfer from sender to receiver of cryptocurrencies or of any other token
• each transaction has a fee that must be payed by the sender
• each potential miner includes in its block a subset of pending transactions
• the miner of the block gets the fees of all blocked transactions plus a fixed, newly minted amount of crypto coins (this is how new coins are introduced in the blockchain economy)
• here is a transaction on the Ethereum blockchain selling an artwork against cryptocurrency (2.5 Ether)

• blockchain uses asymmetric cryptography (also known as public-key cryptography) to implement digital signatures of transactions
• asymmetric cryptography uses a pair of keys: a public key and a private key
• the public key is made public, but the private key must remain secret
• even though there is a mathematical relationship between the two keys, the private key cannot efficiently be determined from the public key

• asymmetric cryptography enables a trust relationship between users who do not trust one another
• it provides a mechanism to verify the integrity and authenticity of transactions while at the same time allowing transactions to remain public
• each transaction is signed with the sender’s private key and anyone can verify the authenticity of the transaction using the sender’s public key
• alternately, one can encrypt data with a user’s public key such that only users with access to the private key can decrypt it
• this contrasts with symmetric cryptography in which a single pre-shared secret key is used to both encrypt and decrypt
• with symmetric cryptography users must already have a trust relationship

• RSA (Rivest–Shamir–Adleman) is one of the first asymmetric cryptography algorithms and is widely used for secure data transmission
• in RSA, the asymmetry between private and public keys is based on the practical difficulty of the factorization of the product of two large prime numbers, the factoring problem
• there are currently no published methods to defeat the system if a large enough key is used

## Digital signature

# load library
library(openssl)

# generate a private key (key) and a public key (pubkey)
key <- rsa_keygen()
pubkey <- key$pubkey

# build a transaction
trans = list(sender = "A", receiver = "B", amount = "100")

# serialize data
data <- serialize(trans, NULL)

# sign (a hash of) the transaction with private key
sig <- signature_create(data, sha256, key = key)

# verify the message with public key
signature_verify(data, sig, sha256, pubkey = pubkey)

## [1] TRUE

## Encryption

# load library
library(openssl)

# generate a private key (key) and a public key (pubkey)
key <- rsa_keygen(512)
pubkey <- key$pubkey

# message
msg <- charToRaw("Blockchain is magic!")

# cipher the message with public key
ciphermsg <- rsa_encrypt(msg, pubkey)

# decrypt the message with private key
rawToChar(rsa_decrypt(ciphermsg, key))

## [1] "Blockchain is magic!"

• the cryptographic algorithms utilized within most blockchain technologies for asymmetric pairs (digital signature) will need to be replaced
• the hashing algorithms used by blockchain networks are much less susceptible but are still weakened

Finally, the blockchain ledger is distributed over a peer-to-peer network.

The steps to run the network are as follows:

1. new transactions are broadcast to all nodes
2. each node collects some transactions into a block
3. each node works on finding a difficult proof of work for its block
4. when a node finds a proof of work, it broadcasts the block to all nodes
5. nodes accept the block only if all transactions in it are authentic and not already spent
6. nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash (hence notice that uncompleted proof of work of miners is lost and all miners need to restart a new proof of work)

A cryptographic token is a quantified and tradable unit of value recorded on the blockchain.

• fungible tokens are cryptocurrencies (Bitcoin and alternative coins); they are interchangeable and can be split in smaller pieces whose sum makes the whole
• non-fungible tokens represent something unique (for instance, a digital work of art); think of them like rare, one-of-a-kind collectibles. They are not interchangeable and cannot be divided

There are then different forms and functions of tokens:

• utility token. If you spend them, you have access to a function (for example, access to a network)
• asset tokens. These certify that you are an owner of a good or a portion of it; transferring this token is a bit like transferring the certificate of ownership of a car
• equity tokens, which demonstrate the right to speak on a certain topic; for example, to vote on a board of directors

• blockchain users must manage and securely store their own private keys
• instead of recording them manually, they often use software, called wallet, to securely store them
• if a user loses a private key, then any digital asset associated with that key is lost, because it is computationally infeasible to generate the private key from the public one
• if a private key is stolen, the attacker will have full access to all digital assets controlled by that private key
• on blockchain there is no central authority to restore a lost password
• here are some Bitcoin wallets and here are some Ethereum wallets

• some blockchains make use of an address, which is a short, alphanumeric string of characters that identify a user of the blockchain
• an address is derived from the user’s public key using a cryptographic hash function
• most blockchain implementations make use of addresses as the to and from endpoints in a transaction

• a seed phrase is a list of words which store all the information needed to access to a wallet
• an example of a seed phrase is: witch collapse practice feed shame open despair creek road again ice least
• the seed phrase can be converted to a number which is used as the seed integer to a deterministic wallet that generates all the key pairs used in the wallet
• a person can possess many seed phrases (wallets) and a wallet can generate many pair of public/private keys (accounts), this allows for a varying degree of anonymity

A cryptocurrency (or digital currency) is a digital asset designed to work as a medium of exchange that uses strong cryptography to secure financial transactions, control the creation of additional units, and verify the transfer of assets.

• cryptocurrencies use decentralized control as opposed to centralized digital currency and central banking systems
• they work through a blockchain that serves as a public financial transaction database
• Bitcoin, first released in 2009, is generally considered the first decentralized cryptocurrency (The rise and fall of Bitcoin)
• since the release of bitcoin many altcoins (alternative crypto coins) have been created
• here is the top 100 cryptocurrencies by market capitalization

• B-money was an early proposal, dated 1998 and circulated in the cypherpunk mailing lists, created by Wei Dai for an anonymous, distributed electronic cash system

• Satoshi Nakamoto (a pseudonymous) referenced B-money when proposing Bitcoin in 2009 in his white paper Bitcoin: A Peer-to-Peer Electronic Cash System

• the message of Satoshi Nakamoto embedded into the very first Bitcoin block:

The Times 03/Jan/2009 Chancellor on brink of second bailout for banks

• considering the context in which they appear – during the bank-driven financial crisis of 2009, the worst after the economic recession of 1929 – these words are calling for economic revolution

• here is the original post of Satoshi Nakamoto proposing Bitcoin

• F2Pool added the following message, a clear reference to Satoshi’s genesis block message, to block 629999, the last block before bitcoin halving:

NYTimes 9/Apr/2020 With $2.3T Injection, Fed’s Plan Far Exceeds 2008 Rescue

• a major altcoin is Ether (ETH), the currency of blockchain Ethereum, launched in 2015
• unlike other blockchains, Ethereum is programmable, which means that developers can use it to build new kinds of decentralized applications (dapps) using smart contracts
• a smart contract is a piece of code that is running on Ethereum; the term dates to 1994, defined by Nick Szabo as a computerized transaction protocol that executes the terms of a contract

Fiat money is a currency without intrinsic value that has been established as money, often by government regulation.

The term fiat derives from the Latin fiat (“let it be done”) used in the sense of an order, decree or resolution.

• a cryptocurrency exchange is a business that allows customers to trade cryptocurrencies for other assets, such as conventional fiat money or other digital currencies
• as of 2020, cryptocurrency and digital exchange regulations in many countries remain unclear as regulators are still considering how to deal with these types of businesses
• here are the top 100 cryptocurrency exchanges by trade volume; Coinbase is a popular exchange for beginners

• how blockchain will comply with General Data Protection Regulation (GDPR)?
• any company storing personal data of EU citizens should follow the regulation
• mind that your digital wallet address might be personal data because it can link to your identity if for instance you bought crypto currency using a credit card or a digital exchange using the Know Your Customer (KYC) process
• there are three articles in the GDPR that conflicts with blockchain:
  1. Article 16: right to rectification
  2. Article 17: right to be forgotten
  3. Article 18: right to restrict processing
• but who is the data controller (the company that stores the personal data and is responsible for it) on the blockchain?

1. encrypt the personal data before you store it on blockchain
   • however encryption is in theory reversible
2. store the personal data in a permissioned blockchain, where access is restricted to only few trusted parties
   • we can comply with Article 18 (right to restrict processing)
   • but a permissioned blockchain is still immutable, hence we can’t comply with Articles 16 and 17
3. store the personal data somewhere else, on a secure server, and put on the blockchain the hash of the personal data
   • you partially centralize the blockchain
4. use zero-knowledge proofs (ZKP), which allows you to prove that something is true without revealing the actual data, in case of blockchain you can prove that the transaction has happened without disclosing the data (parties and amount)

Blockchain technology has many more potential use cases beyond other than just serving as the fuel behind Bitcoin.

Below, we’ve outlined some of its emerging applications across finance, business, and government.

1. Banking & Finance
   • International Payments
   • Capital Markets
   • Trade Finance
   • Regulatory Compliance and Audit
   • Money Laundering Protection
   • Insurance
   • Peer-to-Peer Transactions
2. Business
   • Supply Chain Management
     
   • Healthcare
   • Real Estate
   • Media
   • Energy
3. Government
   • Record Management
   • Identity Management
   • Voting
   • Taxes
   • Non-Profit Agencies
   • Compliance/Regulatory Oversight
4. Art
   • provenance and authenticity registries
   • fractional ownership
   • digital scarcity

Haber and Stornetta, the inventors of blockchain, in their proposal envisaged the adoption of blockchain beyond text, possibly in art as well:

Of course digital time-stamping is not limited to text. Any string of bits can be time-stamped, including digital audio recordings, photographs, and full-motion videos. […] time-stamping can help to distinguish original photograph from a retouched one. Haber and Stornetta, How to Time-Stamp a Digital Document

• blockchain technology, while commonly associated with cryptocurrencies, has a potential to bring radical structural change to the arts and creative industries
• blockchain has core use cases in the arts including:
  • provenance and authenticity registries
  • fractional ownership
  • digital scarcity

• provenance and authenticity are two major and related issues in both traditional and digital art
• where provenance describes the chain of ownership, authentication proves the correct authorship
• blockchain combines provenance and authentication, providing a chained record of ownership that is dependent on the validity of the starting point of the blockchain record
• Verisart, Artory and Codex Protocol are companies operating in art provenance which also partner with auction houses to vet the entry point of records onto the blockchain
• in fall 2018, Artory became the first company to list a major auction sale on the blockchain when it became the registrar of the Ebsworth Collection, sold at Christie’s New York for $318 million on November 13, 2018

• blockchain also allows fractional or shared ownership of individual artworks
• from a collector’s point of view, the possibility of fractionalizing a single artwork allows investors to diversify their art holdings and to reduce the investment exposure
• for example, the company Maecenas purchased an Andy Warhol artwork, 14 Electric Chairs, and divided it up into shares sold as ART tokens
• the company sold 31.5 percent of the 14$ million artwork

• blockchain has been used to deal with a central challenge to selling digital art: how to create a limited edition of a file that can be easily reproduced
• crypto art is a rising art movement in this cypher space
• it associates digital artworks with unique and provably rare tokens that exist on the blockchain; these codes are the equivalent of the artist’s signature
• the real potential of the emerging crypto art current is to give a digital image the dignity of a true work of art, made unique, eternal and collectible through blockchain technology

• Crypto art draws its origins from conceptual art, sharing the immaterial and distributive nature of artworks, the tight blending of artworks with currency, and the rejection of conventional art market and institutions
• early examples of crypto art include CryptoKitties, CryptoPunks, Autoglyphs, and Rare Pepe
• the most well-liked crypto art galleries today are SuperRare, KnownOrigin, MakersPlace as well as async art

We illustrate the typical workflow of crypto art with a real example from the digital gallery SuperRare.

1. an artist creates a digital artwork (an image or animation) and uploads it to the gallery
2. the smart contract of the gallery creates a non-fungible token on the Ethereum blockchain associated with the artwork and transfers the token to the artist’s wallet
3. also, the gallery distributes the artwork file over the IPFS peer-to-peer network; hence nor the token nor the artwork are on any central server
4. collectors can place valued bids on the artwork by transferring a bidden amount to the smart contract of the gallery (the collector can withdraw bids at anytime)
5. eventually the artist accepts one of the bids: the smart contract of the gallery transfers the artwork’s token to the collector’s wallet and the agreed cryptocurrency to the artist’s wallet
6. the artwork remains tradable on the market

• the InterPlanetary File System (IPFS) is a protocol and peer-to-peer network for storing and sharing hypermedia in a distributed file system
• IPFS uses content-addressing storage to uniquely identify each file, a way to store information so it can be retrieved based on its content, not its location
• each file is identified by the hash of its content; when you look up a file to view or download, you’re asking the network to find the nodes that are storing the content behind that file’s hash
• each network node stores only content it is interested in, plus some indexing information that helps figure out which node is storing what
• IPFS lets you address large amounts of data and place the immutable, permanent links into blockchain transactions
• for instance, this artwork has (Base58-encoded) hash QmUH8oMnCc5YjQA42K5jEiuUwt6f8CWN6guE6fMJozcWLu and is stored in IPFS here

“Ownership does not include intellectual property rights such as copyright claims, ability to produce commercially, and create merchandise therefrom, etc. The intellectual property remains the possession of the creator” SuperRare Terms of Service

• the corpus mysticum of a protectable artwork is the intellectual and immaterial creation of the work
• to be perceivable the corpus mysticum must materialize in some material medium, namely the canvas of a painting, the stone for a sculpture, a CD for a musical work, the paper of the book for a novel, or a file for a digital work. This is the corpus mechanicum
• the artist transfers to the buyer the corpus mechanicum and not the corpus mysticum
• in particular, the possibility of commercial exploitation of any reproduction of the artwork remains with its author
• read more here (in Italian)

• it is possible that multiple blocks will be published at approximately the same time
• this can cause differing versions of a blockchain to exist at any given moment
• these must be resolved quickly to have consistency in the blockchain network
• blockchain nodes will wait until the next block is published and use the longer blockchain as the official blockchain

• an attacker might garner enough resources (more than half) to outpace the block creation rate of rest of the blockchain network
• she can now play with her rules, for instance defraud people by stealing back her payments
• why is this attack deemed to fail?

The incentive of rewards may help encourage nodes to stay honest.

If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins.

He ought to find it more profitable to play by the rules (generate new coins), such rules that favor him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth. Satoshi Nakamoto (Bitcoin white paper)

• a hard fork is a change to a blockchain implementation that is not backwards compatible
• at a given point in time (usually at a specific block number), all nodes will need to switch to using the updated protocol
• nodes that have not updated will reject the newly formatted blocks and only accept blocks with the old format
• this results in two incompatible versions of the blockchain existing simultaneously
• a popular hard fork separated Ethereum blockchain from Ethereum Classic after The DAO scam

• an alternative, less energy-consuming consensus mechanism is proof of stake
• the proof of stake model is based on the idea that the more stake a user has invested into the system, the more likely they will want the system to succeed, and the less likely they will want to subvert it
• stake is an amount of cryptocurrency that once staked is no longer available to be spent
• the likelihood of a user mining a new block is tied to the ratio of their stake to the overall staked cryptocurrency
• with this consensus model, there is no need to perform resource intensive computations
• however, the rich gets richer phenomenon may arise

Ethereum blockchain is enriched with smart contracts. The term smart contract dates to 1994, defined by Nick Szabo as:

A computerized transaction protocol that executes the terms of a contract. The general objectives of smart contract design are to satisfy common contractual conditions (such as payment terms, liens, confidentiality, and even enforcement), minimize exceptions both malicious and accidental, and minimize the need for trusted intermediaries.

The user issuing a transaction to a smart contract will have to pay a fee proportional to the complexity of the code executed.

• Ethereum is a large virtual machine that executes functions from programs called smart contracts in exchange for some fees in ether
• the machine is used my many users at the same time
• the miners compete to become the executors of the transactions, and hence to receive the fees
• all executed transactions are registered on a blockchain

• gas is a unit that measures the amount of computational effort that it will take to execute certain operations
• every single operation that takes part in Ethereum, be it a transaction or smart contract execution requires some amount of gas
• miners in theory should specify a gas price that reflects their cost of inclusion of the transaction in the block
• the price of gas that a user offers should generally reflect how fast they want a transaction mined (the higher, the faster)
• the gas price is expressed in gwei. The smallest unit of ether is the wei: \(10^{18}\) wei make 1 ether. A gwei is \(10^9\) wei, hence \(10^9\) gwei make 1 ether
• for instance, if your transaction uses 20000 units of gas and the gas price is 50 gwei, then the transaction fees are: \[20000 \cdot 50 = 10^6 \mathrm{gwei} = 0.001 \mathrm{ether}\]
• see ether gas station for statistics and a calculator
• if the price of gas is determined by miners, and I don’t know in advance who is going to mine the block of my transaction, the fee of my transaction is not known in advance. However, you can specify a gas limit, the maximum amount of gas units you are allowed to pay

• in all their infinite wisdom, bitcoin’s anonymous inventor Satoshi Nakamoto decided that only 21 million BTC would ever exist. They wanted new coins to be released gradually into the market
• new BTC are given to bitcoin miners as their bitcoin block reward when they verify blocks of transactions. To begin with, the reward stood at 50 BTC per block
• rewards stay fixed for 210,000 blocks (about 4 years), and then are cut by 50%. The halving is the moment (block creation) when this cut happens
• there will only ever be 32 bitcoin halving events. Once the 32nd halving is completed, there will be no more new BTC created, as its maximum supply of 21 million will have been reached. Why?
• each BTC is divisible to the 8th decimal place, so each BTC can be split into 100,000,000 units. Each unit of BTC, or 0.00000001 BTC, is called a satoshi. A Satoshi is the smallest unit of Bitcoin. And we have that \[50 \cdot 2^{-32} = 1.16 \cdot 10^{-8}\]
• on the other hand, there is no halving for ETH, hence the number of ETH introduced in the market will grow indefinitely

• Bitcoin: A Peer-to-Peer Electronic Cash System, Satoshi Nakamoto, 2009
• Blockchain Technology Overview, National Institute of Standards and Technology, 2018
• Art and Blockchain by Amy Whitaker