Week1 on Alchemy University for Ethereum dev

Recently, I heard about Alchemy University from my teammate. I'm currently in charge of Frontend part in my team. But as a developer working in web3 field, writing solidity and deeply understand about the EVM development is very important for my team and future.

So, that is reason why I started Ethereum Development Bootcamp.

Ethereum, a smart contract platform for decentralized applications, relies heavily on encryption and signing mechanisms for its security and integrity. In this blog post, we will summarize the basics of Ethereum’s encryption and signing based on Alchemy's Week 1 lecture.

The output of a hash function is always of vert specific size. For example, in Ethereum, the SHA-256 algorithm generates a 256-bit (32-byte) hash, regardless of whether the input is a short string or a large file.

• Deterministic : it will always produce the same output. This ensures consistency, allowing systems to verify data by comparing hash values.

• pseudorandom : A small change in the input should result in a significantly different hash output. This is known as the avalanche effect.

• one-way: difficult to trace the original by comparing only the hash results

• fast to compute: Designed to be fast and efficient to compute, even for large amounts of data

• collision-resistant: Makes it extremely difficult to find two different inputs that produce the same hash output

• Commitments (Protocol & smart contract)

• Proof of Work

A single key for both encryption and decryption. Both the sender and receiver must have access to the same secret key. Follow the example below:

• Secret key: 324

• Plain text: Cat

• Cipher text: Fcx (C + 3: F, a + 2: C, t + 4: x)

• Example: AES (Advanced Encryption Standard)

Uses two different keys: a public key and a private key. The public key is used for encryption, while the private key is used for decryption. This can be using like below:

• Authenticate: One key signs, the other verifies

• Encryption: One key encrypts, the other decrypts

The key concept of public key cryptography is whenever user signs with own private key, we can check the public key, so can figure out the ownership of this transaction.

Let me check this with code snippet.

// How to sign message. using ethereum-cryptography
const secp = require("ethereum-cryptography/secp256k1");
const { keccak256 } = require("ethereum-cryptography/keccak");
const { utf8ToBytes } = require("ethereum-cryptography/utils");

const PRIVATE_KEY = "MY-PRIVATE-KEY";

// includes [signature, recoveryBit]
async function signMessage(msg) {
    const hashedMsg = hashMessage(msg);
    const signature = await secp.sign(hashedMsg, PRIVATE_KEY, { recovered: true });
    return signature
}

function hashMessage(message) {
    const hash = keccak256(utf8ToBytes(message));
    return hash
}

module.exports = signMessage;

The result of signMessage includes signature and recoveryBit. We.can use secep.recover() function and get the public key. (In normal case, it would be your crypto address)

Bitcoin and Ethereum both have a transformation process to take a public key and turn it into an address. For Bitcoin it includes a checksum and Base58 encoding. Ethereum's address transformation is quite a bit simpler, its address is the last 20 bytes of the hash of the public key.

The important thing to recognize here is that the address is differentiated from the public key, but you can always derive the address if you have the public key.

And for your information, Ethereum account address is 42 charaters. but you can check the public key has is over 42 chars. So we can usaully slice the public key after the first bit.

PoW is another component of Bitcoin that is essential to its success.
One of the first use cases of Proof of Work was to prevent spamming. The idea is you can make each action more difficult. This action can be architected managing the difficulty.

Let's take a simple example as following:

const SHA256 = require('crypto-js/sha256');
const TARGET_DIFFICULTY = BigInt(0x0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
const MAX_TRANSACTIONS = 10;

const mempool = [];
const blocks = [];

function addTransaction(transaction) {
    mempool.push(transaction);
}

function mine() {
    const transactions = [];
    let count = 0;
    let nonce = 0;
    let block = { id: blocks.length, transactions, nonce };
    let hash = SHA256(JSON.stringify(block));
    
    while (mempool.length) {
        if (count >= MAX_TRANSACTIONS) break;
        transactions.push(mempool.shift());
        count++;
    }

    while (BigInt(`0x${hash}`) >= TARGET_DIFFICULTY) {
        nonce++;
        block = { id: blocks.length, transactions, nonce };
        hash = SHA256(JSON.stringify(block));
    }

    blocks.push({ ...block, hash })
}

module.exports = {
    TARGET_DIFFICULTY,
    MAX_TRANSACTIONS,
    addTransaction, 
    mine, 
    blocks,
    mempool
};

What our computer does is increasing nonce value by plus 1. We can set the difficulty value to adjust the difficultiy of mining.

Q. How do distributed p2p networks agree on what data is valid without a central administrator running the show?

A. Consensus mechanisms.

It means the bitcoin network decides validity of new data based on who is able to produce a valid proof of work

Q. How is the block hash calculated?

A: A hashing function takes data as input, and returns a unique hash.

Q. What is "valid" hash?

A. A valid hash for a blockchain is a hash that meets certain requirements.

1. Block index is one greater than latest block index

2. Block previous hash equal to latest block hash

3. Block hash meets difficulty requirement

4. Block hash is correctly calculated.

If you liked this post, please subscribe and share. Thank you for reading, and I'll see you next time!