Ethereum White Paper (translation of the original): Ethereum, A Next-Generation Smart Contract and Decentralized Application Platform

Visitor · Reads: 22 · 2024-06-27 12:05:57 · Comments: 0

Ethereum white paper address: https://github.com/ethereum/wiki/wiki/White-Paper

When Satoshi Nakamoto launched the Bitcoin blockchain in January 2009, he simultaneously introduced two radical and untested concepts to the world. The first is bitcoin, a decentralized peer-to-peer online currency that maintains a value without any backing, intrinsic value or central issuer. So far bitcoin has attracted a great deal of public attention, both for its political implications as a currency without a central bank and for its extreme price volatility. However, there is a second, equally important part of Satoshi's grand experiment: the concept of a proof-of-work-based blockchain that lets people agree on the order of transactions. Bitcoin as an application can be described as a first-to-file system: if someone has 50 BTC and simultaneously sends the same 50 BTC to A and to B, only the transaction that gets confirmed first takes effect. There is no intrinsic way to decide which of two transactions came first, and this problem held back the development of decentralized digital currency for many years. Satoshi's blockchain was the first credible decentralized solution. Now, developers' attention is rapidly turning to the second part of Bitcoin's technology: how the blockchain can be applied to areas other than money.

Commonly cited applications include using on-chain digital assets to represent custom currencies and financial instruments (colored coins), ownership of an underlying physical device (smart property), non-fungible assets such as domain names (Namecoin), and more advanced applications such as decentralized exchanges, financial derivatives, peer-to-peer gambling and on-chain identity and reputation systems. Another important area of inquiry is "smart contracts": systems that automatically move digital assets according to arbitrary pre-specified rules. For example, one might have a treasury contract of the form "A can withdraw up to X coins per day, B up to Y per day, A and B together can withdraw anything, and A can shut off B's ability to withdraw". The logical extension of this is decentralized autonomous organizations (DAOs): long-term smart contracts that hold an organization's assets and encode its rules. What Ethereum intends to provide is a blockchain with a built-in, fully fledged Turing-complete programming language that can be used to create contracts encoding arbitrary state transition functions, so that users can build any of the systems described above, as well as many others we have not yet imagined, simply by writing the logic in a few lines of code.

History

The concept of decentralized digital currency, as well as alternative applications such as property registries, has been around for decades. The anonymous e-cash protocols of the 1980s and 1990s, mostly based on Chaumian blinding, provided a currency with a high degree of privacy, but none of them gained traction because they all relied on a centralized intermediary. In 1998, Wei Dai's b-money became the first proposal to introduce the idea of creating money by solving computational puzzles together with decentralized consensus, but the proposal was scant on details of how that decentralized consensus could actually be implemented. In 2005, Hal Finney introduced the concept of "reusable proofs of work", a system that uses ideas from b-money together with Adam Back's computationally difficult Hashcash puzzles to create a cryptocurrency; but once again it fell short of the ideal, because it relied on trusted computing as a backend.

Because currency is a first-to-file application in which the order of transactions is critical, a decentralized currency needs a way to achieve decentralized consensus. The main roadblock for all pre-Bitcoin currency protocols was that, although research on secure Byzantine-fault-tolerant multiparty consensus systems had been going on for years, those protocols solved only half of the problem. They assumed that all participants in the system were known, and produced security bounds of the form "if N parties participate in the system, the system can tolerate N/4 malicious actors". The problem with this assumption is that in an anonymous setting such a security bound is vulnerable to Sybil attacks: an attacker can create thousands of nodes on a single server or botnet and unilaterally secure a majority share.

Satoshi's innovation was to combine a very simple node-based decentralized consensus protocol with proof of work. Nodes earn the right to participate in the system through proof of work, bundling transactions into "blocks" roughly every ten minutes and thereby creating an ever-growing blockchain. Nodes with a large amount of computing power have proportionately more influence, but obtaining more computing power than the entire rest of the network is much harder than creating a million nodes. Despite the Bitcoin blockchain model's crudeness, it has proven to work well enough in practice, and in the next five years it would become the bedrock of over two hundred currencies and protocols around the world.

Bitcoin as a State Transition System

From a technical standpoint, the Bitcoin ledger can be thought of as a state transition system: there is a "state" consisting of the ownership status of all existing bitcoins, and a "state transition function" that takes the current state and a transaction as input and outputs a new state. In a standard banking system, for example, the state is a balance sheet, a transaction is a request to move $X from account A to account B, and the state transition function subtracts $X from A's account and adds $X to B's. If A's balance is less than $X, the state transition function returns an error instead. So we can define the state transition function as follows:

In the banking system mentioned above, the state transition function is:

But:

The "state" in Bitcoin is the collection of all coins that have been mined and not yet spent (technically "unspent transaction outputs", or UTXO). Each UTXO has a denomination and an owner, defined by a 20-byte address that is essentially a cryptographic public key [1]. A transaction contains one or more inputs and one or more outputs. Each input contains a reference to an existing UTXO and a cryptographic signature produced by the private key corresponding to the owner's address; each output contains a new UTXO to be added to the state.

In the Bitcoin system, the state transition function can be defined roughly as follows:

  1. For each input of the transaction:
    • If the referenced UTXO is not in the current state, return an error.
    • If the provided signature does not match the UTXO's owner, return an error.
  2. If the sum of the denominations of all input UTXO is less than the sum of the denominations of all output UTXO, return an error.
  3. Return the new state with all input UTXO removed and all output UTXO added.

The first half of the first step prevents transaction senders from spending coins that do not exist, and the second half prevents them from spending other people's coins. The second step enforces conservation of value. The Bitcoin payment protocol then works as follows. Suppose Alice wants to send 11.7 BTC to Bob. In practice Alice will not have exactly 11.7 BTC; say the smallest set of UTXO she owns that adds up to at least that amount is 6 + 4 + 2 = 12. She therefore creates a transaction with those three inputs and two outputs: the first output has a denomination of 11.7 BTC and Bob's address as its owner, and the second output has a denomination of 0.3 BTC and Alice's own address as its owner, the "change".
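The state transition function above, worked through as an added example that is not the white paper's code: a UTXO set in Python with hash-based Lamport one-time signatures standing in for Bitcoin's ECDSA (so it runs with the standard library alone), a 20-byte address derived as the truncated SHA256 of the public key, and Alice's 6 + 4 + 2 payment to Bob. The key, address and transaction encodings are this example's own assumptions, not Bitcoin's formats.

```python
import hashlib
import os


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signatures (hash-based stand-in for Bitcoin's ECDSA) ---
def lamport_keygen():
    """Secret key: 256 pairs of random 32-byte preimages; public key: their hashes."""
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, msg: bytes):
    """Reveal, for each bit of SHA256(msg), the preimage selected by that bit."""
    digest = int.from_bytes(H(msg), "big")
    return [sk[i][(digest >> i) & 1] for i in range(256)]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    digest = int.from_bytes(H(msg), "big")
    return all(H(sig[i]) == pk[i][(digest >> i) & 1] for i in range(256))


def address(pk) -> bytes:
    """20-byte address = truncated hash of the public key (assumed encoding)."""
    return H(b"".join(a + b for a, b in pk))[:20]


# --- UTXO state and the transition function APPLY(S, TX) ---
# state: {utxo_id: (denomination, owner_address)}
# tx:    {"inputs": [(utxo_id, pubkey, signature)], "outputs": [(denomination, owner_address)]}

def signing_digest(tx) -> bytes:
    """What every input signs: the referenced UTXO ids and all outputs (never the signatures)."""
    parts = [uid for uid, _pk, _sig in tx["inputs"]]
    parts += [v.to_bytes(8, "big") + owner for v, owner in tx["outputs"]]
    return H(b"".join(parts))


def apply_tx(state: dict, tx: dict) -> dict:
    """Return the new state, or raise ValueError (the ERROR case of the paper's definition)."""
    msg = signing_digest(tx)
    total_in, seen = 0, set()
    for uid, pk, sig in tx["inputs"]:
        if uid not in state or uid in seen:           # step 1, first part (also rejects the
            raise ValueError("input is not an unspent UTXO")   # same UTXO spent twice in one tx)
        value, owner = state[uid]
        if address(pk) != owner or not lamport_verify(pk, msg, sig):   # step 1, second part
            raise ValueError("signature does not match the UTXO owner")
        seen.add(uid)
        total_in += value
    if total_in < sum(v for v, _ in tx["outputs"]):   # step 2: conservation of value
        raise ValueError("outputs exceed inputs")
    new_state = {uid: utxo for uid, utxo in state.items() if uid not in seen}   # step 3
    for idx, (value, owner) in enumerate(tx["outputs"]):
        new_state[H(msg + idx.to_bytes(4, "big"))] = (value, owner)   # ids of the new UTXO
    return new_state


def alice_pays_bob():
    """The paper's example: inputs of 6, 4 and 2 BTC; outputs of 11.7 BTC to Bob and 0.3 BTC change.
    Denominations are integers in units of 0.1 BTC. Returns (state_before, tx, state_after)."""
    alice_keys = [lamport_keygen() for _ in range(3)]       # one-time key per UTXO
    change_sk, change_pk = lamport_keygen()                 # fresh key for the change output
    bob_sk, bob_pk = lamport_keygen()
    state = {b"utxo%d" % i: (v, address(pk))
             for i, (v, (_sk, pk)) in enumerate(zip([60, 40, 20], alice_keys))}
    tx = {"inputs": [(b"utxo%d" % i, pk, None) for i, (_sk, pk) in enumerate(alice_keys)],
          "outputs": [(117, address(bob_pk)), (3, address(change_pk))]}
    msg = signing_digest(tx)                                # signatures are not part of the digest
    tx["inputs"] = [(uid, pk, lamport_sign(sk, msg))
                    for (uid, pk, _), (sk, _) in zip(tx["inputs"], alice_keys)]
    return state, tx, apply_tx(state, tx)
```

Replaying the same transaction against the new state fails at the first check (its inputs are no longer in the UTXO set), and a transaction that references Bob's output but is signed with someone else's key fails at the second; both are the errors the two halves of step 1 are there to produce.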

Mining

If we had access to a trustworthy centralized service, this system would be trivial to implement; it could be coded exactly as described. However, we are trying to build Bitcoin as a decentralized currency system, so to make sure everyone agrees on the order of transactions we need to combine the state transition system with a consensus system. Bitcoin's decentralized consensus process requires nodes in the network to continuously attempt to package transactions into "blocks". The network is designed to produce roughly one block every ten minutes, and each block contains a timestamp, a nonce, a reference to (i.e. the hash of) the previous block and the list of all transactions that have taken place since that block. Over time this creates a persistent, ever-growing "blockchain" that continually updates to represent the latest state of the Bitcoin ledger.

The algorithm for checking whether a block is valid, expressed in this paradigm, is as follows:

  1. Check that the previous block referenced by the block exists and is valid.
  2. Check that the block's timestamp is greater than that of the previous block and less than two hours into the future [2].
  3. Check that the block's proof of work is valid.
  4. Take the state at the end of the previous block as the starting state.
  5. Let TX be the block's transaction list with n transactions. For each i in 0 … n-1, apply the state transition for transaction i. If any transaction fails during the state transition, exit and return an error.
  6. Return true, and register the resulting state as the state at the end of this block.

Essentially, each transaction in the block must provide a valid state transition. Note that the state is not encoded in the block in any way; it is purely an abstraction to be remembered by the validating node, and for any block it can (securely) be computed by starting from the genesis state and sequentially applying every transaction in every block. Note also that the order in which a miner includes transactions in a block matters: if a block contains transactions A and B, where B spends a UTXO created by A, the block is valid if A comes before B and invalid otherwise.

The interesting part of the block validation algorithm is the concept of "proof of work": the condition is that the SHA256 hash of every block, treated as a 256-bit number, must be less than a dynamically adjusted target, which at the time of writing is approximately 2^190. The purpose of this is to make block creation computationally "hard", so that Sybil attackers cannot remake the entire blockchain in their favor. Because SHA256 is designed to be a completely unpredictable pseudorandom function, the only way to create a valid block is trial and error: repeatedly increment the nonce and check whether the new hash falls below the target. At a target of 2^192, this means an average of 2^64 attempts before a valid block is found. In general, the Bitcoin network recalibrates the target every 2016 blocks so that on average a block is produced by some node in the network every ten minutes. To compensate miners for this computational work, the miner of every block is entitled to include a transaction giving themselves 25 BTC out of nowhere. Additionally, if any transaction has a higher total denomination in its inputs than in its outputs, the difference goes to the miner as a "transaction fee". Incidentally, this is also the only mechanism by which BTC are issued; the genesis state contained no coins at all.
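The trial-and-error search described above, as an added example that is not the white paper's code: a simplified header is hashed with an incrementing nonce until the result falls below a target of 2^(256-k), which takes about 2^k attempts on average, while the validator's side is a single hash and comparison. The header layout, the single SHA256 (Bitcoin hashes an 80-byte header twice), the block and timestamp values and the k = 18 demo difficulty are this example's own assumptions; the 2016-block retargeting rule with its factor-of-4 clamp is Bitcoin's.

```python
import hashlib

TWO_WEEKS = 2016 * 600          # expected seconds for 2016 blocks at one per ten minutes
MAX_TARGET = 2 ** 256 - 1


def header_hash(prev_hash: bytes, merkle_root: bytes, timestamp: int, nonce: int) -> int:
    """Hash of the (simplified) block header, interpreted as a 256-bit integer."""
    header = prev_hash + merkle_root + timestamp.to_bytes(8, "big") + nonce.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(header).digest(), "big")


def valid_pow(prev_hash, merkle_root, timestamp, nonce, target: int) -> bool:
    """The validator's side: one hash, one comparison."""
    return header_hash(prev_hash, merkle_root, timestamp, nonce) < target


def mine(prev_hash, merkle_root, timestamp, target: int, max_tries: int = 1 << 26):
    """The miner's side: increment the nonce until the hash is below target.
    Returns (nonce, attempts); raises if the budget is exhausted."""
    for nonce in range(max_tries):
        if valid_pow(prev_hash, merkle_root, timestamp, nonce, target):
            return nonce, nonce + 1
    raise RuntimeError("no valid nonce within max_tries")


def expected_attempts(target: int) -> float:
    """A uniformly random 256-bit hash is below target with probability target / 2^256."""
    return 2 ** 256 / target


def retarget(old_target: int, actual_seconds: int, expected_seconds: int = TWO_WEEKS) -> int:
    """Bitcoin's recalibration: scale the target by actual/expected time, clamped to a factor
    of 4 per period, so a faster-than-expected network gets a smaller (harder) target."""
    actual = min(max(actual_seconds, expected_seconds // 4), expected_seconds * 4)
    return min(old_target * actual // expected_seconds, MAX_TARGET)


def demo(k: int = 18) -> dict:
    """Mine one block at target 2^(256-k) (about 2^k attempts), then show that flipping one bit
    of the Merkle root (i.e. any transaction) invalidates the proof of work, so an attacker who
    rewrites a block has to redo the search. Inputs are constructed, not real chain data."""
    target = 2 ** (256 - k)
    prev_hash = hashlib.sha256(b"block 269999").digest()
    merkle_root = hashlib.sha256(b"transactions of block 270000").digest()
    timestamp = 1_700_000_000
    nonce, attempts = mine(prev_hash, merkle_root, timestamp, target)
    tampered_root = bytes([merkle_root[0] ^ 1]) + merkle_root[1:]
    return {
        "nonce": nonce,
        "attempts": attempts,
        "valid": valid_pow(prev_hash, merkle_root, timestamp, nonce, target),
        "tampered_still_valid": valid_pow(prev_hash, tampered_root, timestamp, nonce, target),
    }
```

At k = 18 the search takes a few hundred thousand hashes and well under a second in CPython; the 2^64 attempts the paper quotes for a 2^192 target are the same loop with 46 more bits of difficulty, which is the whole point.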

To better understand the purpose of mining, let us examine what happens in the event of a malicious attacker. Since Bitcoin's underlying cryptography is known to be secure, the attacker will target the one part of the system that is not protected by cryptography directly: the order of transactions. The attacker's strategy is simple:

  1. Send 100 BTC to a merchant in exchange for some product (preferably a rapid-delivery digital good).
  2. Wait for the delivery of the product.
  3. Produce another transaction sending the same 100 BTC to himself.
  4. Try to convince the network that the transaction to himself was the one that came first.

Once step (1) has taken place, after a few minutes some miner will include the transaction in a block, say block number 270000. After about one hour, five more blocks will have been added to the chain after that block, each indirectly pointing to the transaction and thus "confirming" it. At this point the merchant accepts the payment as finalized and delivers the product; since we are assuming a digital good, delivery is instant. Now the attacker creates another transaction sending the same 100 BTC to himself. If the attacker simply releases it into the wild, the transaction will not be processed: miners run the state transition function and notice that it spends a UTXO that is no longer in the state. Instead, the attacker creates a "fork" of the blockchain, mining a new version of block 270000 that points to the same block 269999 as its parent but contains the new transaction in place of the old one. Because the block data is different, this requires redoing the proof of work. Furthermore, the attacker's new version of block 270000 has a different hash, so the original blocks 270001 to 270005 do not point to it; the original chain and the attacker's new chain are completely separate. The rule is that in a fork the longest blockchain is taken to be the truth, so legitimate miners keep working on the chain after block 270005 while the attacker alone works on the chain after his new block 270000. To make his blockchain the longest, the attacker would need more computing power than the rest of the network combined in order to catch up (hence, a "51% attack").

Merkle Trees

[Figure: Simplified payment verification in Bitcoin. Left: it suffices to present only a small number of nodes in a Merkle tree to give a proof of the validity of a branch. Right: any attempt to change any part of the Merkle tree will eventually lead to an inconsistency somewhere up the chain.]

An important scalability feature of Bitcoin is that blocks are stored in a multi-level data structure. The "hash" of a block is actually only the hash of the block header, a roughly 200-byte piece of data that contains the timestamp, nonce, previous block hash and the root hash of a data structure called a Merkle tree that stores all transactions in the block.

A Merkle tree is a type of binary tree composed of a set of leaf nodes, a set of intermediate nodes and a single root node. The large number of leaf nodes at the bottom of the tree contain the underlying data, each intermediate node is the hash of its two children, and the root node, also the hash of its two children, represents the "top" of the tree. The purpose of the Merkle tree is to allow the data in a block to be delivered piecemeal: a node can download only the header of a block from one source, the small part of the tree relevant to it from another source, and still be assured that all of the data is correct. The reason this works is that hashes propagate upward: if a malicious user attempts to swap a fake transaction into the bottom of a Merkle tree, the change causes a change in the node above, then in the node above that, and finally in the root of the tree and therefore in the hash of the block, so the protocol registers it as a completely different block (almost certainly with an invalid proof of work).

The Merkle tree protocol is arguably essential to Bitcoin's long-term sustainability. A "full node" in the Bitcoin network, one that stores and processes the entirety of every block, took up about 15 GB of disk space as of April 2014 and is growing by over a gigabyte per month. Currently this is viable for some desktop computers but not for phones, and in the future only businesses and hobbyists will be able to run full nodes. A protocol known as simplified payment verification (SPV) allows another class of nodes to exist, called "light nodes", which download the block headers, verify the proof of work on the headers, and then download only the Merkle "branches" associated with transactions relevant to them. This allows a light node to securely determine the status of any Bitcoin transaction, and its current balance, while downloading only a very small portion of the entire blockchain.
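The Merkle branch mechanism behind SPV, as an added example that is not the white paper's code: build the tree over a block's transactions, extract the branch for one transaction, and verify it against the root a light client would take from the block header. Leaves and internal nodes are hashed with different prefix bytes, an assumption of this example (Bitcoin itself uses plain double-SHA256 with no prefix), so that an internal node can never be presented as a leaf; the transactions are constructed strings, not real chain data.

```python
import hashlib


def leaf_hash(tx: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + tx).digest()            # prefix 0x00: leaf


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()  # prefix 0x01: internal node


def _next_level(level):
    """Pair up nodes; an odd trailing node is paired with a copy of itself, as Bitcoin does."""
    if len(level) % 2:
        level = level + [level[-1]]
    return [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(txs) -> bytes:
    if not txs:
        raise ValueError("empty block")
    level = [leaf_hash(tx) for tx in txs]
    while len(level) > 1:
        level = _next_level(level)
    return level[0]


def merkle_branch(txs, index: int):
    """The siblings along the path from leaf `index` to the root, as a list of (hash, is_left)."""
    level = [leaf_hash(tx) for tx in txs]
    branch = []
    while len(level) > 1:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        branch.append((level[sibling], sibling < index))
        level = _next_level(level)
        index //= 2
    return branch


def verify_branch(tx: bytes, branch, root: bytes) -> bool:
    """The light client's check: recompute the root from the leaf and O(log n) siblings."""
    h = leaf_hash(tx)
    for sibling, is_left in branch:
        h = node_hash(sibling, h) if is_left else node_hash(h, sibling)
    return h == root


# Constructed block of five transactions (not real data), in the order the miner included them.
BLOCK_TXS = [b"coinbase -> miner 25 BTC",
             b"alice -> bob 11.7 BTC",
             b"carol -> dave 0.5 BTC",
             b"erin -> frank 3 BTC",
             b"grace -> heidi 1 BTC"]


def spv_check(index: int, claimed_tx: bytes) -> bool:
    """A full node serves root and branch; the light client checks `claimed_tx` against the root."""
    root = merkle_root(BLOCK_TXS)                 # in practice: taken from the block header
    branch = merkle_branch(BLOCK_TXS, index)      # in practice: fetched from any untrusted peer
    return verify_branch(claimed_tx, branch, root)
```

The branch for a block of five transactions is three hashes, and the verifier never sees the other four transactions; a peer that serves a branch for a different transaction, or alters the amount in the one being checked, produces a root that does not match the header.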

Alternative Blockchain Applications

The idea of taking the underlying blockchain idea and applying it to other concepts also has a long history. In 2005, Nick Szabo came out with the concept of "secure property titles with owner authority", a document describing how advances in replicated database technology would allow a blockchain-based system for storing a registry of who owns what land, creating an elaborate framework including concepts such as homesteading, adverse possession and Georgian land tax. Unfortunately, no effective replicated database system was available at the time, so the protocol was never put into practice. Since 2009, however, once Bitcoin's decentralized consensus was developed, a number of alternative applications of the blockchain have rapidly begun to emerge.

Thus, in general, there are two approaches toward building a consensus protocol: building an independent network, or building a protocol on top of Bitcoin. The former approach, while reasonably successful in the case of applications like Namecoin, is difficult to implement; each individual implementation needs to bootstrap an independent blockchain as well as build and test all of the necessary state transition and networking code. Additionally, we predict that the set of applications for decentralized consensus technology will follow a power-law distribution in which the vast majority of applications would be too small to warrant their own blockchain, and we note that there exist large classes of decentralized applications, particularly decentralized autonomous organizations, that need to interact with each other.

The Bitcoin-based approach, on the other hand, has the flaw that it does not inherit Bitcoin's simplified payment verification (SPV) feature. SPV works for Bitcoin because it can use blockchain depth as a proxy for validity: at some point, once the ancestors of a transaction go far enough back, it is safe to say that they were legitimately part of the state. Blockchain-based meta-protocols, on the other hand, cannot force the blockchain not to include transactions that are invalid in the context of the meta-protocol. Hence, a fully secure SPV meta-protocol implementation would need to scan backward all the way to the beginning of the Bitcoin blockchain to determine whether or not a transaction is valid. Currently, all "light" implementations of Bitcoin-based meta-protocols rely on a trusted server to provide the data, which is a rather suboptimal result for a cryptocurrency whose primary purposes include eliminating the need for trust.

Scripting

Even without any extensions, the Bitcoin protocol actually does facilitate a weak version of "smart contracts". UTXO in Bitcoin can be owned not just by a public key but by a more complicated script expressed in a simple stack-based programming language. In this paradigm, a transaction spending that UTXO must provide data that satisfies the script. Indeed, even the basic public key ownership mechanism is implemented via a script: the script takes an elliptic curve signature as input, verifies it against the transaction and the address that owns the UTXO, and returns 1 if the verification succeeds and 0 otherwise. More complicated scripts exist for other use cases. For example, one can construct a script that requires signatures from two out of a given three private keys to validate ("multisig"), a setup useful for corporate accounts, secure savings accounts and some merchant escrow situations. Scripts can also be used to pay bounties for solutions to computational problems, and one can even construct a script that says something like "this Bitcoin UTXO is yours if you can provide an SPV proof that you sent a Dogecoin transaction of this denomination to me", essentially allowing decentralized cross-cryptocurrency exchange.

However, the scripting language as implemented in Bitcoin has several important limitations:

Thus we see three approaches to building advanced applications on top of cryptocurrency: building a new blockchain, using scripting on top of Bitcoin, and building a meta-protocol on top of Bitcoin. Building a new blockchain allows unlimited freedom in building a feature set, but at the cost of development time and bootstrapping effort. Using scripting is easy to implement and standardize, but is very limited in its capabilities, and meta-protocols, while easy, suffer from faults in scalability. With Ethereum, we intend to build a general framework that combines the advantages of all three approaches.

The intent of Ethereum is to merge together and improve upon the concepts of scripting, altcoins and on-chain meta-protocols, and allow developers to create arbitrary consensus-based applications that have scalability, standardization, feature-completeness, ease of development and interoperability all at the same time. Ethereum does this by building what is essentially the ultimate abstract foundational layer: a blockchain with a built-in Turing-complete programming language, allowing anyone to write smart contracts and decentralized applications in which they can create their own arbitrary rules for ownership, transaction formats and state transition functions. A bare-bones version of Namecoin can be written in two lines of code, and other protocols such as currencies and reputation systems can be built in under twenty. Smart contracts, cryptographic "boxes" that contain value and only unlock it if certain conditions are met, can also be built on top of the platform, with vastly more power than what Bitcoin scripting offers because of the added powers of Turing-completeness, value-awareness, blockchain-awareness and multiple state.

Ethereum Accounts

In Ethereum, the state is made up of objects called "accounts", each with a 20-byte address, and state transitions are direct transfers of value and information between accounts. An Ethereum account contains four fields:

Ether is the main internal crypto-fuel of Ethereum, used to pay transaction fees. In general, there are two types of accounts: externally owned accounts, controlled by private keys, and contract accounts, controlled by their contract code. An externally owned account has no code, and one can send messages from it by creating and signing a transaction. In a contract account, every time the account receives a message its code activates, allowing it to read and write to internal storage, send other messages, or create contracts in turn.

Messages and Transactions

A message in Ethereum is somewhat similar to a Bitcoin transaction, but with three important differences. First, an Ethereum message can be created either by an external entity or by a contract, whereas a Bitcoin transaction can only be created externally. Second, an Ethereum message may optionally contain data. Third, if the recipient of an Ethereum message is a contract account, it has the option of returning a response; this means that Ethereum messages also encompass the concept of functions.

The term "transaction" in Ethereum refers to the signed data package that stores a message to be sent from an externally owned account. A transaction contains the recipient of the message, a signature identifying the sender, the amount of ether to transfer from the sender to the recipient, an optional data field, and two values called STARTGAS and GASPRICE. To prevent exponential blowup and infinite loops in code, each transaction must set a limit on how many computational steps of code execution it can use, including both the initial message and any additional messages spawned during execution. STARTGAS is that limit, and GASPRICE is the fee to pay the miner per computational step. If execution "runs out of gas", all state changes revert, except for the payment of the fees, which cannot be recovered; if execution halts with gas remaining, the remaining gas is refunded to the sender. Creating a contract uses a separate transaction type with a corresponding message type; the contract's address is computed from the hash of the account nonce and the transaction data.

An important consequence of the message mechanism is Ethereum's "first class citizen" property: contracts have the same rights as external accounts, including the right to send messages and create other contracts. This lets a contract serve many different roles at once. For example, one might have a member of a decentralized organization (a contract) be an escrow account (another contract) between a paranoid individual who uses custom quantum-proof Lamport signatures (a third contract) and a co-signing entity that itself uses an account secured by five private keys (a fourth contract). The strength of the Ethereum platform is that neither the decentralized organization nor the escrow contract needs to care about what kind of account each party to the contract is.

Ethereum State Transition Function

[Figure: Ethereum transaction diagram]

The Ethereum state transition function can be defined as follows:

  1. Check that the transaction is well-formed (i.e. has the right number of values), the signature is valid, and the nonce matches the nonce in the sender's account. If not, return an error.
  2. Calculate the transaction fee as STARTGAS multiplied by GASPRICE, and determine the sending address from the signature. Subtract the fee from the sender's account balance and increment the sender's nonce. If there is not enough balance to spend, return an error.
  3. Initialize the available gas to STARTGAS, and take off a certain quantity of gas per byte to pay for the bytes in the transaction.
  4. Transfer the transaction value from the sender's account to the receiving account. If the receiving account does not yet exist, create it. If the receiving account is a contract, run the contract's code either to completion or until the execution runs out of gas.
  5. If the value transfer failed because the sender did not have enough money, or the code execution ran out of gas, revert all state changes except the payment of the fees, and add the fees to the miner's account.
  6. Otherwise, refund the fees for all remaining gas to the sender, and send the fees paid for gas consumed to the miner. For example, suppose that the contract's code is:

Note that in reality the contract code is written in the low-level Ethereum Virtual Machine (EVM) code; the contract above is written in Serpent, one of our high-level languages, which can be compiled down to EVM code. Suppose that the contract's storage starts off empty, and a transaction is sent with 10 ether of value, 2000 gas, a gas price of 0.001 ether and 64 bytes of data, with the first 32-byte block representing the number 2 and the second representing the string CHARLIE. The state transition function then proceeds as follows:

  1. Check that the transaction is valid and well-formed.
  2. Check that the transaction sender has at least 2000 * 0.001 = 2 ether. If so, subtract 2 ether from the sender's account.
  3. Initialize gas = 2000; assuming the transaction is 170 bytes long and the byte fee is 5, subtract 850 so that 1150 gas is left.
  4. Subtract 10 ether from the sender's account and add it to the contract's account.
  5. Run the code. In this case it is simple: it checks whether the contract's storage at index 2 is used, notices that it is not, and sets storage at index 2 to the value CHARLIE. Suppose this takes 187 gas, so the remaining amount of gas is 1150 - 187 = 963.
  6. Add 963 * 0.001 = 0.963 ether back to the sender's account, and return the resulting state.

If there were no contract at the receiving end of the transaction, the total transaction fee would simply be GASPRICE multiplied by the byte length of the transaction, and the data sent alongside the transaction would be irrelevant. Note also that messages sent by contracts work analogously to transactions in that they can specify a gas limit for the computation they spawn; if the sub-computation runs out of gas, only the sub-computation reverts, to the state at the moment the message was sent. Hence, just like transactions, contracts can protect their limited computational resources by setting strict limits on the sub-computations they spawn.
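The six steps and the worked numbers above, as an added example that is not the white paper's code: a Python model of the Ethereum state transition function with gas accounting, the revert-but-keep-the-fee behaviour of step 5, and the paper's contract (store CHARLIE at key 2 if that key is unused) written as a plain Python function instead of Serpent. Signature recovery is assumed to have happened already, so tx["from"] is the recovered sender; the gas cost of 5 per byte, the assumed 106-byte envelope (so 64 bytes of data make the paper's 170-byte transaction), the contract's assumed 187-gas cost, the account names and the integer unit of 0.001 ether are chosen so that the paper's figures (1150 gas left, 963 refunded) come out exactly.

```python
from copy import deepcopy

GAS_PER_BYTE = 5           # the paper's example byte fee
ENVELOPE_BYTES = 106       # assumed size of a transaction with no data (106 + 64 = 170)
CONTRACT_GAS = 187         # the paper's assumed cost of running the example contract
MINER = "miner"            # account credited with fees (assumed name)


class OutOfGas(Exception):
    pass


class GasMeter:
    def __init__(self, gas: int):
        self.remaining = gas

    def use(self, amount: int):
        if amount > self.remaining:
            self.remaining = 0
            raise OutOfGas()
        self.remaining -= amount


def new_account(balance: int = 0, code=None) -> dict:
    """The four fields of an Ethereum account: nonce, balance, code, storage."""
    return {"nonce": 0, "balance": balance, "code": code, "storage": {}}


def register_contract(storage: dict, data: bytes, meter: GasMeter):
    """The paper's contract: key = data bytes 0-31, value = bytes 32-63; store only if key is unused."""
    meter.use(CONTRACT_GAS)
    key, value = data[:32], data[32:64]
    if key not in storage:
        storage[key] = value


def apply_tx(state: dict, tx: dict) -> dict:
    """APPLY(S, TX): returns the new state, or raises ValueError with no state change (steps 1-2)."""
    sender = state.get(tx["from"])
    if sender is None or tx["value"] < 0 or tx["startgas"] < 0 or tx["nonce"] != sender["nonce"]:
        raise ValueError("malformed transaction or nonce mismatch")          # step 1
    fee = tx["startgas"] * tx["gasprice"]                                  # step 2
    if sender["balance"] < fee:
        raise ValueError("sender cannot pay for STARTGAS")
    state = deepcopy(state)
    state[tx["from"]]["balance"] -= fee
    state[tx["from"]]["nonce"] += 1
    checkpoint = deepcopy(state)           # step 5 reverts to here: fee paid, nonce bumped
    meter = GasMeter(tx["startgas"])                                       # step 3
    try:
        meter.use(GAS_PER_BYTE * (ENVELOPE_BYTES + len(tx["data"])))
        if state[tx["from"]]["balance"] < tx["value"]:
            raise ValueError("insufficient balance for value transfer")
        state[tx["from"]]["balance"] -= tx["value"]                        # step 4
        recipient = state.setdefault(tx["to"], new_account())
        recipient["balance"] += tx["value"]
        if recipient["code"] is not None:
            recipient["code"](recipient["storage"], tx["data"], meter)
    except (OutOfGas, ValueError):                                         # step 5
        state = checkpoint
        state.setdefault(MINER, new_account())["balance"] += fee
        return state
    gas_used = tx["startgas"] - meter.remaining                            # step 6
    state[tx["from"]]["balance"] += meter.remaining * tx["gasprice"]
    state.setdefault(MINER, new_account())["balance"] += gas_used * tx["gasprice"]
    return state


def paper_example(startgas: int = 2000) -> dict:
    """10 ether of value, `startgas` gas at 0.001 ether each, 64 bytes of data (key 2, string CHARLIE).
    Balances are integers in thousandths of an ether; Alice starts with 20 ether."""
    state = {"alice": new_account(balance=20_000),
             "registry": new_account(code=register_contract)}
    data = (2).to_bytes(32, "big") + b"CHARLIE".ljust(32, b"\x00")
    tx = {"from": "alice", "to": "registry", "value": 10_000, "data": data,
          "startgas": startgas, "gasprice": 1, "nonce": 0}
    return apply_tx(state, tx)
```

With the defaults, paper_example() leaves Alice with 8.963 ether (20 minus the 2 ether fee, minus 10 ether of value, plus the 0.963 refund), the contract with 10 ether and CHARLIE under key 2, and the miner with 1.037 ether for the 1037 gas consumed. paper_example(startgas=900) runs out of gas inside the contract: the value transfer and the store are rolled back, the nonce stays incremented, and the full 0.9 ether fee still goes to the miner, which is exactly what makes gas a defence against code that never terminates.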

Code Execution

Code in Ethereum contracts is written in a low-level, stack-based bytecode language referred to as "Ethereum virtual machine code" or "EVM code". The code consists of a series of bytes, where each byte represents an operation. In general, code execution is an infinite loop that repeatedly carries out the operation at the current program counter (which begins at zero) and then increments the program counter by one, until the end of the code is reached, an error occurs, or a halting instruction is executed. The operations have access to three types of space in which to store data:

The code can also access the value, sender and data of the incoming message, as well as block header data, and it can return a byte array of data as an output.

The formal execution model of EVM code is surprisingly simple. While the Ethereum virtual machine is running, its full computational state can be defined by a tuple that includes the global state (all account balances and storage) together with the code being executed, its stack, the program counter and the remaining gas. At the start of every round of execution, the current instruction is found by taking the byte of the code at the program counter, and each instruction has its own definition of how it affects the tuple. For example, the addition opcode pops two items off the stack and pushes their sum, reduces gas by 1 and increments the program counter by 1, while the storage-write opcode pops the top two items off the stack, inserts the second item into the contract's storage at the index specified by the first item, reduces gas by up to 200 and increments the program counter by 1. Although there are many ways to optimize Ethereum via just-in-time compilation, a basic implementation of Ethereum can be done in a few hundred lines of code.
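The execution tuple and the two opcode descriptions above, as an added example that is not the white paper's or Ethereum's code: a toy stack machine whose state is (code, stack, program counter, gas) plus the contract's storage, with the add opcode costing 1 gas and the storage-write opcode 200, and the paper's "store if unused" contract assembled by hand for it. The opcode numbers, the PUSH1 encoding, the jump semantics and the gas costs are this example's own assumptions and do not match the real EVM's opcode table; out-of-gas is surfaced as an exception so the caller can discard the working copy of storage, which is the revert the transaction section describes.

```python
# Opcodes of the toy machine (numbers are this example's assumption, not the EVM's).
STOP, ADD, PUSH1, DUP1, SWAP1, SLOAD, SSTORE, CALLDATALOAD, JUMPI = range(9)
GAS_COST = {STOP: 1, ADD: 1, PUSH1: 1, DUP1: 1, SWAP1: 1, SLOAD: 1,
            SSTORE: 200, CALLDATALOAD: 1, JUMPI: 1}
WORD = 2 ** 256


class OutOfGas(Exception):
    pass


class InvalidExecution(Exception):
    """Unknown opcode, stack underflow or jump outside the code: execution halts with an error."""


def run(code: bytes, calldata: bytes, storage: dict, gas: int):
    """Execute `code` from pc = 0 until STOP, the end of the code, an error, or gas exhaustion.
    Works on a copy of `storage` and returns (new_storage, gas_remaining, stack); on OutOfGas
    the caller keeps its original `storage`, which is the revert."""
    work = dict(storage)
    stack, pc = [], 0
    try:
        while pc < len(code):
            op = code[pc]
            if op not in GAS_COST:
                raise InvalidExecution(f"unknown opcode {op} at pc={pc}")
            if gas < GAS_COST[op]:          # charge before executing: a failing op still costs
                raise OutOfGas()
            gas -= GAS_COST[op]
            if op == STOP:
                break
            elif op == ADD:                 # pop two, push their sum (mod 2^256), pc += 1
                stack.append((stack.pop() + stack.pop()) % WORD)
                pc += 1
            elif op == PUSH1:               # push the next code byte, pc += 2
                stack.append(code[pc + 1])
                pc += 2
            elif op == DUP1:
                stack.append(stack[-1])
                pc += 1
            elif op == SWAP1:
                stack[-1], stack[-2] = stack[-2], stack[-1]
                pc += 1
            elif op == SLOAD:               # pop key, push storage[key] (0 if unset)
                stack.append(work.get(stack.pop(), 0))
                pc += 1
            elif op == SSTORE:              # pop key then value; storage[key] = value; pc += 1
                key, value = stack.pop(), stack.pop()
                work[key] = value
                pc += 1
            elif op == CALLDATALOAD:        # pop offset, push 32 bytes of calldata as an integer
                off = stack.pop()
                stack.append(int.from_bytes(calldata[off:off + 32].ljust(32, b"\x00"), "big"))
                pc += 1
            elif op == JUMPI:               # pop destination then condition; jump if condition != 0
                dest, cond = stack.pop(), stack.pop()
                if cond and not 0 <= dest < len(code):
                    raise InvalidExecution(f"jump to {dest} outside code")
                pc = dest if cond else pc + 1
    except IndexError as exc:
        raise InvalidExecution("stack underflow or truncated PUSH") from exc
    return work, gas, stack


# The paper's example contract, hand-assembled for the toy machine:
#   if storage[calldata[0:32]] == 0: storage[calldata[0:32]] = calldata[32:64]
REGISTER = bytes([
    PUSH1, 0, CALLDATALOAD,     # stack: [key]
    DUP1, SLOAD,                # stack: [key, storage[key]]
    PUSH1, 13, JUMPI,           # if storage[key] != 0: jump to the STOP at offset 13
    PUSH1, 32, CALLDATALOAD,    # stack: [key, value]
    SWAP1, SSTORE,              # storage[key] = value
    STOP,                       # offset 13
])


def register(storage: dict, key: int, value: bytes, gas: int):
    """Call REGISTER with 64 bytes of calldata; return (storage, gas_remaining), reverting on OutOfGas."""
    calldata = key.to_bytes(32, "big") + value.ljust(32, b"\x00")
    try:
        new_storage, gas_left, _stack = run(REGISTER, calldata, storage, gas)
        return new_storage, gas_left
    except OutOfGas:
        return storage, 0        # all gas consumed, storage untouched
```

Registering key 2 costs 210 gas here (ten one-gas operations plus the 200-gas store); a second registration of the same key takes the jump and costs 7, leaving the first value in place; and a call with only 100 gas fails at the store, consumes everything it was given and changes nothing, the "run out of gas" outcome of step 5 above.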

Blockchain and Mining

The Ethereum blockchain is in many ways similar to the Bitcoin blockchain, although it does have some differences. The main difference in blockchain architecture is that Ethereum blocks contain not only the transaction list and the most recent state, but also the block number and the difficulty. The block validation algorithm in Ethereum is as follows:

  1. Check that the previous block referenced exists and is valid.
  2. Check that the timestamp of the block is greater than that of the referenced previous block and less than 15 minutes into the future.
  3. Check that the block number, difficulty, transaction root, uncle root and gas limit (various low-level Ethereum-specific concepts) are valid.
  4. Check that the proof of work on the block is valid.
  5. Take the state at the end of the previous block as the starting state.
  6. Let TX be the block's transaction list, with n transactions. Apply the state transition for each of them in order; if any transition returns an error, or the total gas consumed in the block up to this point exceeds the block's gas limit, return an error.
  7. Let the final state be the resulting state with the block reward paid to the miner added.
  8. Check that the final state matches the final state recorded in the block. If so, the block is valid; otherwise, it is not valid.

This approach may seem highly inefficient at first glance, because it needs to store the entire state with each block, but in reality efficiency should be comparable to that of Bitcoin. The reason is that the state is stored in a tree structure, and after every block only a small part of the tree needs to change. Thus, in general, between two adjacent blocks the vast majority of the tree should be the same, so the data can be stored once and referenced twice using pointers (i.e. hashes of subtrees). A special kind of tree known as a "Patricia tree" is used to accomplish this, including a modification to the Merkle tree concept that allows nodes to be inserted and deleted, not just changed. Additionally, because all of the state information is part of the last block, there is no need to store the entire blockchain history; a strategy which, if applied to Bitcoin, has been calculated to provide a 10-20x saving in space.

In general, there are three types of applications on top of Ethereum. The first category is financial applications, providing users with more powerful ways of managing and entering into contracts using their money. This includes sub-currencies, financial derivatives, hedging contracts, savings wallets, wills and ultimately even some classes of full-scale employment contracts. The second category is semi-financial applications, where money is involved but there is also a heavy non-monetary side to what is being done; a perfect example is self-enforcing bounties for solutions to computational problems. Finally, there are applications such as online voting and decentralized governance that are not financial at all.

Token Systems

On-chain token systems have many applications, ranging from sub-currencies representing assets such as USD or gold to company stocks, individual tokens representing smart property, secure unforgeable coupons, and even token systems with no ties to conventional value at all, used as point systems for incentivization. Token systems are surprisingly easy to implement in Ethereum. The key point to understand is that a currency, or token system, is fundamentally a database with one operation: subtract X units from A and give X units to B, with the provisos that (1) A had at least X units before the transaction and (2) the transaction is approved by A. All that it takes to implement a token system is to implement this logic in a contract.

The basic code for implementing a token system in Serpent is as follows:

This is essentially a minimal implementation of the "banking system" state transition function described further in this paper. A few extra lines of code need to be added to distribute currency units initially and in a few other edge cases, and ideally a function would be added to let other contracts query an address's balance. But that is all it takes. Theoretically, Ethereum-based token systems acting as sub-currencies can include an important feature that on-chain Bitcoin-based meta-currencies lack: the ability to pay transaction fees directly in that currency. The way this would work is that the contract maintains an ether balance with which it pays the transaction fees on behalf of senders, and it refills that balance by collecting the internal currency units it takes in as fees and reselling them in a constantly running auction. Users would thus need to "activate" their accounts with ether, but once the ether is there it would be reusable because the contract would refund it each time.
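The "database with one operation" described above, as an added Python model that is not the paper's Serpent code: the contract storage is an address-to-balance map, the sender of a transaction is taken to be already authenticated by the network (so proviso (2), approval by A, is satisfied by A having sent the transaction), and the names and the initial distribution are constructed for this example.

```python
from dataclasses import dataclass, field


class TxRejected(Exception):
    """Raised when a transaction violates a contract rule; storage is left unchanged."""


@dataclass
class TokenContract:
    """Constructed model of a token contract: one map of address -> balance."""
    creator: str
    initial_supply: int
    storage: dict = field(default_factory=dict)   # address -> balance

    def __post_init__(self):
        # The "extra code" the text asks for: an initial distribution, here all to the creator.
        self.storage[self.creator] = self.initial_supply

    def balance_of(self, addr: str) -> int:
        """Query function so other contracts (or users) can read a balance."""
        return self.storage.get(addr, 0)

    def send(self, sender: str, to: str, value: int) -> None:
        """Subtract `value` from `sender` and add it to `to`.

        Proviso (2) holds because `sender` is the authenticated transaction sender.
        The positivity check is a defensive addition the text does not spell out: with
        a zero or negative `value`, the balance check below passes trivially and the
        sender could pull tokens *out* of `to`."""
        if not isinstance(value, int) or value <= 0:
            raise TxRejected("value must be a positive integer")
        if self.balance_of(sender) < value:            # proviso (1)
            raise TxRejected("insufficient balance")
        self.storage[sender] -= value
        self.storage[to] = self.balance_of(to) + value

    def apply_tx(self, sender: str, data: list):
        """Contract entry point: data[0] selects the operation.
        ['send', to, value] transfers; ['balance', addr] reads a balance."""
        op = data[0]
        if op == "send":
            _, to, value = data
            self.send(sender, to, value)
            return True
        if op == "balance":
            return self.balance_of(data[1])
        raise TxRejected("unknown operation")

    def total_supply(self) -> int:
        """Invariant check: transfers move units around, they never create or destroy them."""
        return sum(self.storage.values())
```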

Financial Derivatives and Stable-Value Currencies

Financial derivatives are the most common application of "smart contracts", and one of the simplest to implement in code. The main challenge in implementing financial contracts is that the majority of them require reference to an external price ticker; for example, a very desirable application is a smart contract that hedges against the volatility of ether (or another cryptocurrency) with respect to the US dollar, but such a contract needs to know the ETH/USD price. The simplest way to do this is through a "data feed" contract maintained by a specific party (e.g. NASDAQ), designed so that that party has the ability to update the contract as needed, and providing an interface that allows other contracts to send a message to this contract and get back a response containing the price.

Given these critical ingredients, the hedging contract would look as follows:

  1. Wait for party A to input 1000 ether.
  2. Wait for party B to input 1000 ether.
  3. Record the USD value of 1000 ether, obtained by querying the data feed contract, in storage; say this is $x.
  4. After 30 days, allow A or B to "reactivate" the contract in order to send $x worth of ether (calculated by querying the data feed contract again to get the new price) to A and the rest to B.

Such a contract would have significant potential in crypto-commerce. One of the main problems cited about cryptocurrency is its price volatility; although many users and merchants may want the security and convenience of dealing with cryptographic assets, they may not wish to face the prospect of losing 23% of the value of their funds in a single day. Up until now, the most commonly proposed solution has been issuer-backed assets; the idea is that an issuer creates a sub-currency in which they have the right to issue and redeem units, and provides one unit of the sub-currency to anyone who provides them (offline) with one unit of a specified underlying asset (e.g. gold, USD). The issuer then promises to return one unit of the underlying asset to anyone who sends back one unit of the crypto-asset. This mechanism allows any non-cryptographic asset to be "upgraded" into a cryptographic asset, provided that the issuer can be trusted.

In practice, however, issuers are not always trustworthy, and in some cases the banking infrastructure is too weak, or too hostile, for such services to exist. Financial derivatives provide an alternative. Here, instead of a single issuer providing the reserves to back an asset, a decentralized market of speculators, betting that the price of a cryptographic asset will go up, plays that role. Unlike issuers, speculators have no option to default on their side of the bargain, because the hedging contract holds their reserves in escrow. Note that this approach is not fully decentralized, because a trusted source is still needed to provide the price ticker, although arguably even so this is a massive improvement in terms of reducing infrastructure requirements (unlike being an issuer, issuing a price feed requires no licenses and can likely be categorized as free speech) and reducing the potential for fraud.

Identity and Reputation Systems

The earliest alternative cryptocurrency of all, Namecoin, attempted to use a Bitcoin-like blockchain to provide a name registration system, where users can register their names in a public database alongside other data. The major cited use case is a DNS system mapping domain names like "bitcoin.org" (or, in Namecoin's case, "bitcoin.bit") to an IP address. Other use cases include email authentication and potentially more advanced reputation systems. Here is the basic contract for providing a Namecoin-like name registration system on Ethereum:

The contract is very simple; it is just a database inside the Ethereum network that can be added to, but not modified or removed from. Anyone can register a name with some value, and that registration then sticks forever. A more sophisticated name registration contract would also have a "function clause" allowing other contracts to query it, as well as a mechanism for the "owner" of a name (i.e. the first registrant) to change the data or transfer ownership. One can even add reputation and web-of-trust functionality on top.

Decentralized File Storage

Over the past few years there have emerged a number of popular online file storage startups, the most prominent being Dropbox, which seeks to allow users to upload a backup of their hard drive, have the service store the backup and allow the user to access it, in exchange for a monthly fee. However, at this point the file storage market is at times relatively inefficient; a cursory look at existing services shows that, particularly at the "uncanny valley" 20-200 GB level at which neither free quotas nor enterprise-level discounts kick in, monthly prices for mainstream file storage are such that you are paying for the cost of the entire hard drive in a single month. Ethereum contracts allow for the development of a decentralized file storage ecosystem, where individual users can earn small quantities of money by renting out their own hard drives or unused network space, thereby driving down the cost of file storage.

The key underpinning piece of such a facility is what we have termed the "decentralized Dropbox contract". This contract works as follows. First, one splits the data to be uploaded into blocks, encrypts each block for privacy, and builds a Merkle tree out of them. One then creates a contract with the rule that, every N blocks, the contract picks a random index in the Merkle tree (using the previous block hash, accessible from contract code, as a source of randomness), and gives X ether to the first entity to supply a simplified payment verification (SPV)-like proof of ownership of the block at that particular index in the tree. When a user wants to re-download their file, they can use a micropayment channel protocol (e.g. pay 1 szabo per 32 kilobytes) to recover the file; the most fee-efficient approach is for the payer not to publish the transaction until the end, instead replacing it after every 32 kilobytes with a slightly more lucrative transaction carrying the same nonce.
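The chunk-encrypt-Merkle-challenge cycle just described, as an added Python example that is not part of the paper: the file, a 32-byte key, a toy SHA-256 keystream standing in for a real cipher, and the "previous block hash" are all constructed here, and the contract's rule is reduced to a function that decides whether a submitted proof earns the payment.

```python
import hashlib

CHUNK = 4096


def h(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


def encrypt_chunk(key: bytes, index: int, chunk: bytes) -> bytes:
    """Toy XOR keystream SHA-256(key || index || counter); a stand-in for a real cipher,
    here only to show that the Merkle tree commits to ciphertext, not plaintext."""
    stream = bytearray()
    ctr = 0
    while len(stream) < len(chunk):
        stream += h(key + index.to_bytes(4, "big") + ctr.to_bytes(4, "big"))
        ctr += 1
    return bytes(a ^ b for a, b in zip(chunk, stream))


def split_and_encrypt(key: bytes, data: bytes) -> list:
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)] or [b""]
    return [encrypt_chunk(key, i, c) for i, c in enumerate(chunks)]


def merkle_layers(leaves: list) -> list:
    """Bottom-up hash layers; an odd layer duplicates its last node. Leaf and inner
    hashes get different prefixes so a leaf can never be passed off as an inner node."""
    layers = [[h(b"\x00" + leaf) for leaf in leaves]]
    while len(layers[-1]) > 1:
        cur = layers[-1]
        if len(cur) % 2:
            cur = cur + [cur[-1]]
        layers.append([h(b"\x01" + cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return layers


def merkle_root(leaves: list) -> bytes:
    return merkle_layers(leaves)[-1][0]


def merkle_proof(leaves: list, index: int) -> list:
    """Sibling hashes from leaf to root; the verifier derives left/right from the index."""
    proof = []
    for layer in merkle_layers(leaves)[:-1]:
        if len(layer) % 2:
            layer = layer + [layer[-1]]
        proof.append(layer[index ^ 1])
        index //= 2
    return proof


def verify_proof(root: bytes, leaf: bytes, index: int, proof: list) -> bool:
    node = h(b"\x00" + leaf)
    for sib in proof:
        node = h(b"\x01" + node + sib) if index % 2 == 0 else h(b"\x01" + sib + node)
        index //= 2
    return node == root


def challenge_index(prev_block_hash: bytes, n_chunks: int) -> int:
    """Contract-side randomness: the index is derived from the previous block hash."""
    return int.from_bytes(prev_block_hash, "big") % n_chunks


def answer_challenge(leaves: list, prev_block_hash: bytes) -> tuple:
    """What the storing node submits: the index, the chunk, and its Merkle branch."""
    idx = challenge_index(prev_block_hash, len(leaves))
    return idx, leaves[idx], merkle_proof(leaves, idx)


def contract_pays(root: bytes, n_chunks: int, prev_block_hash: bytes,
                  claimed_index: int, leaf: bytes, proof: list) -> bool:
    """The contract's rule: pay only for a valid proof of the chunk at *this round's* index."""
    if claimed_index != challenge_index(prev_block_hash, n_chunks):
        return False
    return verify_proof(root, leaf, claimed_index, proof)
```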

An important feature of this protocol is that, although it may seem like one is trusting many random nodes not to lose the file, one can split the file into many pieces via secret sharing and watch the contracts to see that each piece is still in some node's possession. If a contract is still paying out money, that is evidence that someone out there is still storing the file.

Decentralized Autonomous Organizations

The general concept of a "decentralized autonomous organization" (DAO) is that of a virtual entity that has a certain set of members or shareholders which, say with a 67% majority, have the right to spend the entity's funds and modify its code. The members would collectively decide how the organization allocates its funds. Methods for allocating funds could range from bounties and salaries to more attractive mechanisms such as an internal currency to reward work. This essentially replicates the legal trappings of a traditional company or nonprofit, using only cryptographic blockchain technology for enforcement. So far much of the talk around DAOs has been around the "capitalist" model of a "decentralized autonomous corporation" (DAC) with dividend-receiving shareholders and tradable shares; an alternative, described as a "decentralized autonomous community", would give all members an equal share in decision making and require 67% of existing members to agree to add or remove a member. The requirement that one person can only have one membership would then need to be enforced collectively by the group.

A general outline for how to code a DO is as follows. The simplest design is simply a piece of self-modifying code that changes if two thirds of members agree on a change. Although code is theoretically immutable, one can easily get around this and have de facto mutability by keeping chunks of the code in separate contracts and storing the address of the contract to call in modifiable storage. In a simple implementation of such a DAO contract there would be three transaction types, distinguished by the data provided in the transaction:

The contract would then have clauses for each of these. It would maintain a record of all open storage changes, along with a list of who voted for them. It would also have a list of all members. When any storage change gets two thirds of members voting for it, a finalizing transaction executes the change. A more sophisticated skeleton would also have built-in voting for features like sending a transaction, adding and removing members, and may even provide for liquid-democracy-style vote delegation (i.e. anyone can assign someone to vote for them, and assignment is transitive, so if A assigns B and B assigns C then C determines A's vote). This design would allow the DAO to grow organically as a decentralized community, allowing people to eventually delegate the task of filtering who is a member to specialists, although unlike in the current system specialists can easily appear and disappear over time as individual community members change their alignments.

An alternative model is a decentralized corporation, where any account can have zero or more shares, and two thirds of the shares are required to make a decision. A complete skeleton would include asset management functionality: the ability to make an offer to buy or sell shares, and the ability to accept offers (provided the contract has an order-matching mechanism). Delegation would also exist, liquid-democracy style, generalizing the concept of a "board of directors".

More advanced organizational governance mechanisms may be implemented in the future; for now, a decentralized organization (DO) can be described starting from a decentralized autonomous organization (DAO). The distinction between a DO and a DAO is blurry, but a rough dividing line is whether governance happens through something like a political process or through an "automatic" process; a good intuitive test is the "no common language" criterion: can the organization still function if two members don't speak the same language? Clearly, a simple traditional shareholder-style corporation would fail, whereas something like the Bitcoin protocol would most likely succeed. Robin Hanson's "futarchy", a mechanism for organizational governance via prediction markets, is a good example of what truly "autonomous" governance might look like. Note that one need not assume that all DAOs are superior to all DOs; autonomy is merely a paradigm that has large advantages in certain contexts but may not be practical in others, and many semi-DAOs may exist.

Further Applications

  1. Savings wallets. Suppose that Alice wants to keep her funds safe, but is worried that she will lose her private key or that someone will hack it. She puts ether into a contract with Bob, a bank, as follows:
  2. Crop insurance. One can easily make a financial derivatives contract by using a data feed of the weather instead of any price index. If a farmer in Iowa purchases a derivative that pays out inversely based on the precipitation in Iowa, then if there is a drought the farmer will automatically receive money, and if there is enough rain the farmer will be happy because their crops will do well.
  3. A decentralized data feed. For financial contracts for difference, it may actually be possible to decentralize the data feed via a "Schelling point" protocol. The Schelling point protocol works as follows: N parties each submit to the system their value for a given datum (e.g. the ETH/USD price), the values are sorted, and everyone whose value lies between the 25th and 75th percentile receives a reward. Everyone has the incentive to provide the answer that everyone else will provide, and the only value that a large number of players can realistically agree on is the obvious default: the correct answer. This creates a decentralized protocol that can theoretically provide any number of values, including the ETH/USD price, the temperature in Berlin, or even the result of a particularly hard computation.
  5. Cloud computing. EVM technology can also be used to create a verifiable computing environment, allowing users to ask others to carry out computations and then optionally ask for proofs that the computation was done correctly at certain randomly selected checkpoints. This allows for the creation of a cloud computing market in which any user can participate with their desktop, laptop or dedicated server, and spot-checking together with security deposits can be used to ensure that the system is trustworthy (i.e. no node can profit from cheating). Such a system may not be suitable for all tasks; for example, tasks that require a high level of inter-process communication cannot easily be done on a large cloud of nodes. Other tasks, however, are much easier to parallelize; projects like SETI@home, folding@home and genetic algorithms can easily be run on such a platform.
  6. Peer-to-peer gambling. Any number of peer-to-peer gambling protocols, such as Frank Stajano and Richard Clayton's Cyberdice, can be implemented on the Ethereum blockchain. The simplest gambling protocol is in fact a simple contract betting on the difference between the next block's hash and a guessed value, and more complex protocols can be built up from there, creating gambling services with near-zero fees and no ability to cheat.
  7. Prediction markets. Provided an oracle or SchellingCoin, prediction markets are also easy to implement, and prediction markets together with SchellingCoin may prove to be the first mainstream application of "futarchy" as a governance protocol for decentralized organizations.
  8. On-chain decentralized marketplaces, using the identity and reputation system as a base.
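An added Python example, not from the paper, that serves two passages at once: the "Schelling point" data feed of item 3 (sorted submissions, reward for the 25th-75th percentile band, the median taken as the published value, which is this example's assumption) and the four-step hedging contract from the Financial Derivatives section, settled against that feed. Reporter names, prices and the 30-day clock are constructed; one token per rewarded reporter is the reward.

```python
from statistics import median

DAY = 86400   # seconds; the contract keeps time in seconds


def schelling_round(reports: dict) -> tuple:
    """reports: reporter -> submitted value. Sort the values and reward every reporter
    whose value lies in the 25th-75th percentile band (inclusive). An outlier who
    tries to move the feed is simply left unrewarded. Returns (agreed_value, rewarded)."""
    if not reports:
        raise ValueError("no reports submitted")
    vals = sorted(reports.values())
    n = len(vals)
    lo, hi = vals[n // 4], vals[min((3 * n) // 4, n - 1)]
    rewarded = {who for who, v in reports.items() if lo <= v <= hi}
    return median(vals), rewarded


class SchellingFeed:
    """Decentralized data feed: the latest round's median is the published price."""

    def __init__(self):
        self.value = None
        self.tokens = {}          # reporter -> reward tokens earned

    def run_round(self, reports: dict) -> set:
        self.value, rewarded = schelling_round(reports)
        for who in rewarded:
            self.tokens[who] = self.tokens.get(who, 0) + 1
        return rewarded

    def price(self):
        return self.value


class HedgeContract:
    """Steps 1-4 of the hedging contract, reading prices from a data feed object."""
    DEPOSIT = 1000            # ether each side must deposit

    def __init__(self, feed):
        self.feed = feed
        self.a = self.b = None    # parties, filled in deposit order
        self.x_usd = None         # step 3: dollar value of A's deposit at start
        self.t0 = None
        self.settled = False

    def deposit(self, who: str, amount: int, now: int) -> None:
        """Steps 1 and 2: accept exactly DEPOSIT ether from two distinct parties."""
        if amount != self.DEPOSIT:
            raise ValueError("deposit must be exactly %d ether" % self.DEPOSIT)
        if self.a is None:
            self.a = who
        elif self.b is None and who != self.a:
            self.b = who
            price = self.feed.price()
            if not price or price <= 0:
                raise ValueError("feed has no usable price")   # cannot start without a quote
            self.x_usd = self.DEPOSIT * price                  # step 3
            self.t0 = now
        else:
            raise ValueError("both sides already funded")

    def reactivate(self, who: str, now: int) -> dict:
        """Step 4: after 30 days A or B may trigger settlement. Returns ether payouts."""
        if self.b is None or self.settled:
            raise ValueError("contract not active")
        if who not in (self.a, self.b):
            raise PermissionError("only A or B may reactivate")
        if now < self.t0 + 30 * DAY:
            raise ValueError("30 days have not elapsed")
        price = self.feed.price()
        if not price or price <= 0:
            raise ValueError("feed has no usable price")
        escrow = 2 * self.DEPOSIT
        # A gets $x worth of ether at the new price, capped at what is actually escrowed.
        to_a = min(self.x_usd / price, escrow)
        self.settled = True
        return {self.a: to_a, self.b: escrow - to_a}
```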

Modified GHOST Implementation

The "Greedy Heaviest Observed Subtree" (GHOST) protocol is an innovation introduced by Yonatan Sompolinsky and Aviv Zohar in December 2013. The motivation behind GHOST is that blockchains with fast confirmation times currently suffer from reduced security due to a high stale rate; because blocks take a certain time (call it t) to propagate through the network, if miner A mines a block and then miner B happens to mine another block before A's block propagates to B, miner B's block will be wasted and will not contribute to network security. Furthermore, there is a centralization issue: if A is a mining pool with 30% of the network's hashpower and B has 10%, A will face the risk of producing a stale block 70% of the time whereas B will produce a stale block 90% of the time. Thus, if the stale rate is high, A will be substantially more efficient simply by virtue of its larger share of hashpower. With these two effects combined, blockchains that produce blocks quickly are very likely to lead to one mining pool having a large enough percentage of the network hashpower to have de facto control over the mining process.

As described by Sompolinsky and Zohar, GHOST solves the first issue, the loss of network security, by including stale blocks in the calculation of which chain is the "longest"; that is to say, not just the parent and further ancestors of a block, but also the stale descendants of the block's ancestors (in Ethereum jargon, "uncles") are added to the calculation of which block has the largest total proof of work backing it. To solve the second issue, centralization bias, we go beyond the protocol described by Sompolinsky and Zohar: Ethereum pays a stale block that contributes to a new block's confirmation as an "uncle" 87.5% of its block reward, and the "nephew" that includes it in the calculation receives the remaining 12.5%. Transaction fees, however, are not awarded to uncles.

Ethereum implements a simplified version of GHOST that only goes down five levels. Specifically, a stale block can only be included as an uncle by the 2nd to 5th generation descendants of its parent, and not by any block with a more distant relation (e.g. the 6th generation descendant of the parent, or the 3rd generation descendant of the grandparent). This is done for several reasons. First, unlimited GHOST would bring too much complexity into the calculation of which uncles are valid for a given block. Second, unlimited GHOST with the compensation used in Ethereum removes the incentive for a miner to mine on the main chain rather than on the chain of a public attacker. Finally, calculations show that five-level GHOST with incentivization is over 95% efficient even with a 15s block time, and that a miner with 25% hashpower gains less than 3% from centralization.

Fees

Because every transaction published into the blockchain imposes on the network the cost of downloading and verifying it, there is a need for some regulatory mechanism, typically involving transaction fees, to prevent abuse. The default approach, used in Bitcoin, is purely voluntary fees, relying on miners to act as gatekeepers and set dynamic minimums. This approach has been received very favorably in the Bitcoin community because it is "market-based", allowing supply and demand between miners and transaction senders to determine the price. The problem with this line of reasoning, however, is that transaction processing is not a market; although it is intuitively attractive to construe transaction processing as a service that the miner offers to the sender, in reality every transaction that a miner includes must be processed by every node in the network, so the largest part of the cost of transaction processing is borne by third parties and not by the miner that decides whether or not to include it. Hence, a tragedy of the commons is very likely to occur.

However, as it turns out, this flaw in the market-based mechanism magically cancels itself out when a particular inaccurate simplifying assumption is made. The argument is as follows. Suppose that:

  1. A transaction leads to k operations, offering the reward kR to any miner that includes it, where R is set by the sender and k and R are (roughly) visible to the miner beforehand.
  2. An operation has a processing cost of C to any node (i.e. all nodes have equal efficiency).
  3. There are N mining nodes, each with exactly equal processing power (i.e. 1/N of the total).
  4. No non-mining full nodes exist.

A miner is willing to process a transaction if the expected reward is greater than the cost. Thus, since the miner has a 1/N chance of processing the next block, the expected reward is kR/N, and the miner's processing cost is simply kC. Hence, miners include transactions when kR/N > kC, i.e. when R > NC. Note that R is the per-operation fee provided by the sender, and is a lower bound on the benefit the miner derives from processing the transaction, while NC is the cost to the entire network of processing one operation. Hence, miners have the incentive to include only those transactions whose benefit exceeds their cost. However, there are several important deviations from these assumptions in reality:

  1. The miner pays a higher cost to process the transaction than the other verifying nodes, since the extra verification time delays block propagation and thus increases the chance that the block becomes stale.
  2. Non-mining full nodes do exist.
  3. In practice the distribution of hashpower may end up radically unequal.
  4. Speculators, political enemies and crazies whose goal is to harm the network do exist, and they can cleverly set up contracts where their cost is much lower than the cost paid by other verifying nodes.

Point 1 drives miners to include fewer transactions, and point 2 increases NC; hence these two effects at least partially cancel each other out. Points 3 and 4 are the major issue; to solve them we simply institute a floating cap: no block can have more operations than BLK_LIMIT_FACTOR times the long-term exponential moving average. Specifically:

BLK_LIMIT_FACTOR and EMA_FACTOR are constants that will be set to 65536 and 1.5 for the time being, but may be adjusted after further analysis.

Computation and Turing-Completeness

An important note is that the Ethereum virtual machine is Turing-complete; this means that EVM code can encode any computation that can conceivably be carried out, including infinite loops. EVM code allows looping in two ways. First, there is a JUMP instruction that allows the program to jump back to a previous spot in the code, and a JUMPI instruction that performs a conditional jump, allowing conditional statements such as loops. Second, contracts can call other contracts, potentially allowing looping through recursion. This naturally leads to a problem: can malicious users essentially shut miners and full nodes down by forcing them into an infinite loop? The issue arises because of a problem in computer science known as the halting problem: there is no way to tell, in the general case, whether a given program will finish running in finite time.

As described in the state transition section, our solution works by requiring each transaction to set a maximum number of computational steps that it is allowed to take; if execution exceeds that number, the computation is reverted but fees are still paid. Messages work in the same way. To show the motivation behind this solution, consider the following examples:

Now, send a transaction like this to A. Thus, in 51 transactions, we have a contract that takes 2^50 computational steps. Miners could try to detect such logic bombs ahead of time by maintaining, alongside each contract, a value giving the maximum number of computational steps it can take, and calculating this for contracts that call other contracts recursively, but that would require miners to forbid contracts that create other contracts (since the creation and execution of all 26 contracts above could easily be rolled into a single contract). Another problematic point is that the address field of a message is a variable, so in general it may not even be possible to tell ahead of time which other contract a given contract will call. Hence, all in all, we have a surprising conclusion: Turing-completeness is surprisingly easy to manage, and the lack of Turing-completeness is equally surprisingly difficult to manage unless the exact same controls are in place; so why not just let the protocol be Turing-complete?
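A toy metered interpreter, added here as an example that is not from the paper, showing why the per-transaction step limit is the control that matters: the constructed contract `bomb` calls itself twice at each level, so a call at depth d costs 2^(d+1)-1 steps, and no static per-contract bound helps once the address being called is a variable. On overrun the example reverts storage and (its own assumption, matching "fees are still paid") charges the sender for the whole step allowance.

```python
class OutOfSteps(Exception):
    """Raised by the VM once a transaction exceeds its declared step allowance."""


class VM:
    """Counts every executed step against the limit the transaction declared."""

    def __init__(self, step_limit: int):
        self.limit = step_limit
        self.used = 0
        self.storage = {}

    def step(self, n: int = 1) -> None:
        self.used += n
        if self.used > self.limit:
            raise OutOfSteps("step limit %d exceeded" % self.limit)


def bomb(vm: VM, depth: int) -> None:
    """Constructed logic bomb: one step of work, a storage write, then two self-calls.
    Total steps for depth d: 2^(d+1) - 1, i.e. exponential in a single integer argument."""
    vm.step()
    vm.storage["counter"] = vm.storage.get("counter", 0) + 1
    if depth > 0:
        bomb(vm, depth - 1)
        bomb(vm, depth - 1)


def steps_needed(depth: int) -> int:
    """Closed form of bomb's cost, used to check the meter."""
    return 2 ** (depth + 1) - 1


def run_transaction(storage: dict, contract, arg, step_limit: int, price_per_step: int) -> tuple:
    """Execute one transaction under a step limit.

    Returns (ok, fee_charged, storage_after). Execution works on a copy of storage,
    so an OutOfSteps exception simply discards the copy: the state is reverted, but the
    sender still pays for the full allowance it declared (this example's fee rule)."""
    vm = VM(step_limit)
    vm.storage = dict(storage)
    try:
        contract(vm, arg)
    except OutOfSteps:
        return False, step_limit * price_per_step, storage
    return True, vm.used * price_per_step, vm.storage
```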

Currency and Issuance

The Ethereum network includes its own built-in currency, ether, which serves a dual purpose: providing a primary liquidity layer for trading various types of digital assets and, more importantly, providing a mechanism for paying transaction fees. For convenience and to avoid future argument (see the current mBTC/uBTC/satoshi debate), the denominations will be labelled in advance:

This should be taken as an expanded version of the concepts of "dollars" and "cents" or "bitcoin" and "satoshi". In the near future, we expect "ether" to be used for ordinary transactions, "finney" for microtransactions, and "szabo" and "wei" for technical discussions around fees and protocol implementation.

The issuance model is as follows:

Issuance breakdown

The permanent linear supply growth model reduces the risk of the excessive wealth concentration seen in Bitcoin, and gives individuals living in present and future eras a fair chance to acquire currency units, while at the same time retaining a strong incentive to obtain and hold ether, because the "supply growth rate" tends to zero in the long run. We also theorize that because coins are always lost over time due to carelessness, death and so on, and coin loss can be modeled as a fixed percentage of the total supply per year, the total currency supply in circulation will eventually stabilize at a value equal to the annual issuance divided by the loss rate (e.g. at a loss rate of 1%, once the supply reaches 30x then 0.3x will be mined and 0.3x lost every year, reaching an equilibrium).


Apart from the linear issuance model, ether's supply growth rate, like Bitcoin's, also tends to zero in the long run.


Mining Centralization

The Bitcoin mining algorithm basically works by having miners make slight modifications to the block header tens of millions of times over, until eventually one node comes up with a version whose hash is less than the target (currently around 2^190). However, this mining algorithm is vulnerable to two forms of centralization. First, the mining ecosystem has come to be dominated by ASICs (application-specific integrated circuits), computer chips designed for, and therefore thousands of times more efficient at, the specific task of Bitcoin mining. This means that Bitcoin mining is no longer a highly decentralized and egalitarian pursuit, but one that requires enormous capital to participate in effectively. Second, most Bitcoin miners no longer perform block validation locally; instead, they rely on a centralized mining pool to provide the block headers. This problem is arguably serious: at the time of writing, the two largest mining pools indirectly control roughly 50% of the network's hashpower, although this is mitigated by the fact that miners can switch to other pools if a pool or coalition attempts a 51% attack.

Ethereum's current intent is to use a mining algorithm based on a function that produces unique hashes for every 1000 random nonces, with a sufficiently wide computational domain to remove the advantage of specialized hardware. Such a strategy will certainly not reduce the gain from centralization to zero, but it does not need to. Note that every individual user can perform some amount of mining on their private laptop or desktop nearly for free, but once they reach 100% CPU utilization, further mining requires them to pay for electricity and hardware. ASIC mining companies have to pay for electricity and hardware from the very first hash. Hence, if the centralization gain can be kept below (E + H)/E, then even if ASICs are built, ordinary miners still have room to survive. Additionally, we intend to design the mining algorithm so that mining requires access to the entire blockchain, forcing miners to store the complete blockchain, or at least to be able to validate every transaction. This removes the need for centralized mining pools; although pools can still play the legitimate role of smoothing out the randomness of reward distribution, that function can be served equally well by peer-to-peer pools with no central control. This also helps resist centralization by increasing the number of full nodes in the network, even if most ordinary users still prefer light clients.

Scalability

Scalability is a common concern about Ethereum. Like Bitcoin, Ethereum suffers from the flaw that every transaction needs to be processed by every node in the network. Bitcoin's current blockchain is about 20 GB, growing by about 1 MB per hour. If the Bitcoin network were to process Visa's 2000 transactions per second, it would grow by 1 MB every three seconds (1 GB per hour, 8 TB per year). Ethereum is likely to suffer a similar or even worse growth pattern, since there will be many applications on top of the Ethereum blockchain instead of just a currency as with Bitcoin, but the situation is improved by the fact that Ethereum full nodes need to store only the state rather than the entire blockchain history.

The problem with such a large blockchain is centralization risk. If the blockchain size increases to, say, 100 TB, the likely scenario is that only a very small number of large businesses would run full nodes, with regular users using light SPV nodes. This raises the concern that the full nodes could band together and cheat in some profitable fashion (e.g. change the block reward, give themselves BTC). Light nodes would have no way of detecting this immediately. Of course, at least one honest full node would likely exist, and after a few hours information about the fraud would leak out through channels like Reddit, but at that point it would be too late: whatever effort ordinary users made to reject the blocks already produced, they would face a massive, infeasible coordination problem on a similar scale to pulling off a successful 51% attack. In Bitcoin's case, this is currently a problem, but a modification suggested by Peter Todd would alleviate it.

In the near term, Ethereum will use two additional strategies to cope with this problem. First, because of the blockchain-based mining algorithm, at least every miner will be forced to be a full node, guaranteeing a certain number of full nodes. Second, and more importantly, after processing each transaction we will include an intermediate state tree root in the blockchain. Even if block validation is centralized, as long as one honest verifying node exists, the centralization problem can be circumvented via a verification protocol. If a miner publishes an invalid block, that block is either badly formatted or the state S[n] is incorrect. Since S[0] is correct, there must be some first incorrect state S[i] for which S[i-1] is correct; the verifying node provides the index i, together with the subset of Patricia tree nodes needed to process APPLY(S[i-1],TX[i]) -> S[i]. Nodes are then able to use those tree nodes to run that part of the computation and see whether the S[i] they generate matches the S[i] that was provided.

Another, more sophisticated, attack would involve malicious miners publishing incomplete blocks, so that the full information does not even exist to determine whether or not the blocks are correct. The solution to this is a challenge-response protocol: verification nodes issue challenges in the form of target transaction indices, and on receiving a challenge a light node withdraws trust from the corresponding block until another miner or verifier provides a subset of Patricia nodes as proof that it is correct.
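The intermediate-state-root check and the "proof of invalidity" from the previous paragraphs, as an added Python example that is not from the paper: the state is a balance map, its "root" is a SHA-256 of the canonical JSON encoding (a stand-in for a Patricia root), and because a flat hash cannot authenticate a subset, the proof here ships the whole of S[i-1], where Ethereum would ship only the Patricia nodes the transaction touches. Accounts, transactions and the cheating miner are constructed.

```python
import hashlib
import json


def state_root(state: dict) -> str:
    """Stand-in for a Patricia tree root: hash of the canonically encoded state."""
    return hashlib.sha256(json.dumps(state, sort_keys=True).encode()).hexdigest()


def apply_tx(state: dict, tx: dict) -> dict:
    """APPLY(S[i-1], TX[i]) -> S[i] for a plain transfer; returns a new state."""
    if tx["value"] <= 0 or state.get(tx["from"], 0) < tx["value"]:
        raise ValueError("invalid transaction")
    s = dict(state)
    s[tx["from"]] -= tx["value"]
    s[tx["to"]] = s.get(tx["to"], 0) + tx["value"]
    return s


def make_block(state0: dict, txs: list, cheat_at: int = None) -> dict:
    """A miner publishes the roots S[0..n] next to the transactions. With cheat_at=i
    it publishes a wrong S[i] that quietly credits itself, and continues from it."""
    roots, s = [state_root(state0)], state0
    for i, tx in enumerate(txs, 1):
        s = apply_tx(s, tx)
        if i == cheat_at:
            s = dict(s)
            s["miner"] = s.get("miner", 0) + 1_000_000     # constructed fraud
        roots.append(state_root(s))
    return {"txs": txs, "roots": roots}


def find_invalidity(state0: dict, block: dict):
    """Honest full node: re-execute, return (i, S[i-1]) for the first wrong root, else None.
    A transaction that cannot be applied at all also makes the block invalid at i."""
    s = state0
    if state_root(s) != block["roots"][0]:
        return 0, s
    for i, tx in enumerate(block["txs"], 1):
        prev = s
        try:
            s = apply_tx(s, tx)
        except ValueError:
            return i, prev
        if state_root(s) != block["roots"][i]:
            return i, prev
    return None


def light_client_verify(block: dict, proof: tuple) -> bool:
    """Light node: with only the proof, confirm the block is invalid at index i.
    It first checks the supplied S[i-1] against the published root, so a forged
    'proof' built on a state the block never claimed is rejected."""
    i, s_prev = proof
    if i == 0 or state_root(s_prev) != block["roots"][i - 1]:
        return False
    try:
        recomputed = state_root(apply_tx(s_prev, block["txs"][i - 1]))
    except ValueError:
        return True
    return recomputed != block["roots"][i]
```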

The contract mechanism described above allows anyone to build what is essentially a command-line application run on a virtual machine by network consensus, able to modify a globally accessible state as its "hard drive". However, for most people the command-line interface used as a transaction-sending mechanism is not user-friendly enough to make decentralization an attractive alternative. To this end, a complete "decentralized application" should consist of both low-level business logic components (whether implemented entirely on Ethereum, using a combination of Ethereum and other systems, such as a P2P messaging layer, one of which is currently planned to be put into the Ethereum client, or other systems only) and high-level graphical user interface components. The Ethereum client is designed to be a web browser, but with support for an "eth" JavaScript API object, which specific web pages viewed in the client can use to interact with the Ethereum blockchain. From the point of view of the "traditional" web, these web pages are entirely static content, since the blockchain and other decentralized protocols completely replace the server for the purpose of handling user-initiated requests. Eventually, decentralized protocols will hopefully use Ethereum in some way to store the web pages themselves.

The Ethereum protocol was originally conceived as an upgraded version of a cryptocurrency, providing advanced features such as on-chain escrow, withdrawal limits, financial contracts and gambling markets via a highly generalized programming language. The Ethereum protocol does not directly "support" any of these applications, but the existence of a Turing-complete programming language means that arbitrary contracts can theoretically be created for any transaction type or application. What is more interesting about Ethereum, however, is that the protocol moves far beyond mere currency. Protocols and decentralized applications built around decentralized file storage, decentralized computation and decentralized prediction markets, among dozens of similar concepts, have the potential to substantially increase the efficiency of the computing industry and to provide a massive boost to other peer-to-peer protocols by adding, for the first time, an economic layer. Finally, there will also be a substantial array of applications that have nothing to do with money at all.

The concept of an arbitrary state transition function as implemented by the Ethereum protocol provides a platform with unique potential; rather than being a closed-ended protocol designed for a single purpose such as data storage, gambling or finance, Ethereum is open-ended by design, and we believe it is extremely well suited to serving as a foundational layer for the very large number of financial and non-financial protocols that will emerge in the years to come.

Notes

1. A sophisticated reader will notice that in fact a Bitcoin address is the hash of the elliptic curve public key, and not the public key itself. However, it is perfectly legitimate cryptographic terminology to refer to the public key hash as a public key. This is because Bitcoin's cryptography can be considered a custom digital signature algorithm, where the public key consists of the hash of the elliptic curve public key, the signature consists of the elliptic curve public key concatenated with the elliptic curve signature, and the verification algorithm involves checking the elliptic curve public key against the elliptic curve public key hash provided as the public key, and then verifying the elliptic curve signature against the elliptic curve public key.

2. Technically, the median of the previous 11 blocks.

3. Internally, both 2 and "CHARLIE" are numbers; the latter is in big-endian base-256 representation. Numbers can range from 0 to 2^256-1.

Further reading

  1. Intrinsic value: https://tinyurl.com/BitcoinMag-IntrinsicValue
  2. Smart property: https://en.bitcoin.it/wiki/Smart_Property
  3. Smart contracts: https://en.bitcoin.it/wiki/Contracts
  4. B-money: http://www.weidai.com/bmoney.txt
  5. Reusable proofs of work: http://www.finney.org/~hal/rpow/
  6. Secure property titles with owner authority: http://szabo.best.vwh.net/securetitle.html
  7. Bitcoin whitepaper: http://bitcoin.org/bitcoin.pdf
  8. Namecoin: https://namecoin.org/
  9. Zooko's triangle: http://en.wikipedia.org/wiki/Zooko’s_triangle
  10. Colored coins whitepaper: https://tinyurl.com/coloredcoin-whitepaper
  11. Mastercoin whitepaper: https://github.com/mastercoin-MSC/spec
  12. Decentralized autonomous corporations, Bitcoin Magazine: https://tinyurl.com/Bootstrapping-DACs
  13. Simplified payment verification: https://en.bitcoin.it/wiki/Scalability#Simplifiedpaymentverification
  14. Merkle trees: http://en.wikipedia.org/wiki/Merkle_tree
  15. Patricia trees: http://en.wikipedia.org/wiki/Patricia_tree
  16. GHOST: http://www.cs.huji.ac.il/~avivz/pubs/13/btc_scalability_full.pdf
  17. StorJ and Autonomous Agents, Jeff Garzik: https://tinyurl.com/storj-agents
  18. Mike Hearn on Smart Property at Turing Festival: http://www.youtube.com/watch?v=Pu4PAMFPo5Y
  19. Ethereum RLP: https://github.com/ethereum/wiki/wiki/%5BEnglish%5D-RLP
  20. Ethereum Merkle Patricia trees: https://github.com/ethereum/wiki/wiki/%5BEnglish%5D-Patricia-Tree
  21. Peter Todd on Merkle sum trees: http://sourceforge.net/p/bitcoin/mailman/message/31709140/

Article URL: https://netpsp.com/?id=69166
