Gresham College Lectures

Love, Trust & Crypto

November 21, 2022 Gresham College
Gresham College Lectures
Love, Trust & Crypto
Show Notes Transcript

The crypto movement began as a reaction to the concentration of economic power in the traditional financial system (and associated financial crises). It involved the creation of a new type of financial recording system, that did not depend on any one individual keeping records, did not allow falsification, and prevented fraud and double spending.

Crypto is underpinned by public-private key encryption, hashing and mining and allows a completely decentralised system to write enforceable contracts that cannot be altered once written. But how does the technology actually work? How would the tragedy of Romeo and Juliet have played out had crypto been around in the sixteenth century?

A lecture by Raghavendra Rau

The transcript and downloadable versions of the lecture are available from the Gresham College website:

Gresham College has offered free public lectures for over 400 years, thanks to the generosity of our supporters. There are currently over 2,500 lectures free to access. We believe that everyone should have the opportunity to learn from some of the greatest minds. To support Gresham's mission, please consider making a donation:


- This lecture is part of a series of six lectures on how technology is changing the world of finance. This is the second in that lecture, and it's about love, trust, and crypto. Now, many of you may think these topics don't go together. Love, crypto. But I'll try to convince you that is the essential part of trust and love and crypto. But before we actually go through that, let me talk a little bit about the way society has evolved over the past 300 years. Let's go back to the pre-industrial revolution period, This is before 1750. Most people are living in small villages. They don't travel, they just hang out in villages. They farm, they have local activities. But most people are born, grow up and they die in pretty much the same area. If you're especially adventurous, maybe you go to a nearby town, but most people don't travel. Things changed in the 1750s. What happened was the industrial revolution. We had James Watt inventing the steam engine. Richard Arkwright, the Jenny, and people like that basically mechanized the process of production. Now, most people don't realize this. You don't actually need to mechanize production if you don't have scale. For example, you don't need a spinning Jenny if your entire production, all your customers are based in one village, the fixed costs are just too high. In order for this to be worthwhile, you need to expand your customer base. You need to have scale up. How do you scale up? Well, you try to produce more and more, in order to overcome the fixed cost of setting up a weaving room or a steam engine, and things like that. But to increase that size, increase the scale, you need to hire people. Where do you get those people? Well, it doesn't work within the village. You move to towns, you hire people from the local villages, and some of these guys, they may know each other, but many of them have don't know each other. Maybe you come from one village, maybe you know the people in that village who started working in that factory, but you don't know anybody else. Anyway, in the 1840s, it became bigger. That was the introduction of electrical energy. And once you have electrical energy, you need more capital. To have more capital, in order to make a profit, you have to increase the scale of production again. So you need to hire more people in order to produce more and more goods. You have to have a bigger customer base. That was, in a sense, what the British Empire did. You had massive customer bases all over the British Empire, but everything was driven by the fact you were trying to make your your processes more efficient, to go to a bigger and bigger scale. That's when assembly lines were introduced. That's when mass production techniques were introduced. All of this happened till about 1920. But the human consequences were bigger. If you are, for example, somebody who's working in one of these, you're moving from a village to a town, to a city now, and people from all over the country are in that city. They're living cheek by jowl with each other. They don't talk the same way. They have different accents. You don't know these people. They don't know you. Then couple of world wars, and after that you have the industrial revolution 3.0, which started automating back office managerial work. The first level was all operational stuff. This is managerial stuff. What happens here is that the introduction of computers allowed us to make the process of manufacturing more efficient. You're not actually changing the manufacturing process, you're changing the way the back offices are organized. That created a sort of going back to where we started out in the beginning. Because you don't need to be in the offices anymore, as much as you needed to be if you're working on a physical assembly line. The process then became even more complicated when we go to today. About probably the fourth industrial revolution, where everything is connected, you have networks, you have the internet of things, everything is literally connected. Your light bulbs are connected to the internet. Our computers are connected to the internet, cameras are connected to the internet. Everything is part of a network, and we don't need to actually physically be in the same space with each other. You still have a problem of trust. Now, you don't know anybody, not because you're living next to them. It's because you never see them. How many of us, for example, in London, know our neighbors very well? Like many of us, we just bump into them in the corridors on the way in or out, but we never don't actually know anything about them. This is a problem with trust again. How does trust evolve in these areas? Before 1950s, everybody's living in small villages. It's all local trust. You know your neighbor, you know who's the best farmer around, you know who's the best butcher, the best baker, even the best candle stick maker. You deal with them on a daily basis. If they produce things which are not up to mark, you don't work with them anymore. Once you move to the town, who are you dealing with? Well, you don't know many people. You start depending on local authorities. The local magistrate, local police officers. You may not like them, but you certainly trust them more than you trust all these strangers whom you're meeting for the first time. Once you go to the city, that becomes even more complicated, because the city is just too big an area for you to be familiar with all the people who deal with you. For example, you might deal in a town, maybe the five or six police officers, in a city, they're 500. You may know one person, but there's no guarantee you will see this person again. But you do know where the police station is. The institution becomes more important than the person working for the institution. In finance, that threads to the area of financial intermediaries. If you think about what banks were like in that period of time, you had illusions of stability, massive buildings, Big columns and statues of important people. Banks are basically saying, "We are temples, almost. We walk in here, we keep your money safe." But as automation came along, what would happen? We don't actually deal that much with our banks anymore. One bank branch is pretty similar to any other bank branches. There's nothing special about a bank branch. Now, you trust the system. What is the system? Well, if a bank collapses, that's fine, because the government will bail you out like this. The system becomes more important than the individual people involved in the system. It's slowly moving from a system where you have human beings to intermediaries, where human beings are still working for the intermediaries to a system governing the intermediaries. What about today? Well, going back to one of the slides which I showed in my last lecture. If you look at the intermediaries today, and you look at the system, this is a survey carried out by the Edelman Trust barometer. Every year they ask people, "How much do you trust businesses in these industries to do the right thing?" They don't really define the right thing, but the right thing. Banks are almost consistently at the bottom of the league tables, and that's not surprising. Banks offer complex products which are difficult to understand, and then you get the impression the banks like nothing better than to rip you off. For example, healthcare offers equally complex products, equally difficult to understand, but at least you think you and they have the common interest of saving your life. Not necessarily so for a bank. Banks are consistently at the bottom. We don't trust the banks, we don't trust the financial systems. So what can replace these institutions? I'm going to argue that there's today's world, we are thinking about technology to replace that level of trust, and that's the area of crypto. But what do we know about crypto? Well, one thing we know is that there's a ton of complicated jargon. We talk about distributed ledger technology, talk about blockchains, consensus protocol, smart contract, shared databases. Basically, it's a bunch of blah, blah, blah. I can tell you honestly that if your partner has trouble sleeping at night, just discuss a blockchain protocol, they go to sleep right away. The consensus is if you have some kind of technology like this, it's very difficult to understand how it works, and it's very difficult to understand why it is important. At this stage, I want to make a distinction between blockchain and crypto. Crypto is a general phrase that arises to apply to a lot of transactions. For example, if we talk about currency, we talk about cryptocurrencies, which is replacement for money. We can talk about contracts. We can talk about smart contracts, decentralized finance, things like that. These are topics I will not cover today. These are topics which I reserved for my third lecture in January. I talk about the applications of this technology to these kind of transactions. Today I'm actually going to talk about the underlying technology, the blockchain. How does the blockchain work? Let's start with a big picture. Well, there are three major things which blockchains allow us to do. One is users want to be anonymous. We are using cryptography to protect anonymity. Second, the data is completely unstructured. That means anything can be put into a blockchain, ranging from one line, one sentence to an entire novel. Anything can be put into the same blockchain. Third, the data is indelible. That means no one can alter the data without everybody finding out. We are going to use something called proof of work, or proof of stake to validate the data. I can see what some of you are thinking, "Man, the guy said he's not going to use any jargon, is already using jargon." What's the rest of the lecture going to be like? Well, let me go back a little bit. Let's start with a very simple idea: a bank ledger. How does a bank ledger work? Let's say you are going to pay some money to your friend, in the same bank as you for simplicity's sake. How does the bank record this transaction? Well, what happens is the bank makes a ledger entry and each ledger entry contain some information. For example, it has the originating person plus their account number, the destination person plus their account number and the transaction detail. How much money is being transferred. The bank then takes that ledge entry and applies it to your accounts. The account entry will have your starting balance. How much is being transferred? Your ending balance. To take an example, this is what it might look like. Let's suppose that Mr. Black writes a check to transfer five Bitcoin from his account to Ms. Green. I'm aware of the irony that you're writing a check to transfer Bitcoin, but for simplicity's sake, just go as basic as possible. It is entirely possible to write a check with, say, "Transfer Bitcoin from my wallet to the other person's wallet, as long as the bank holds a private key." We leave that for a minute, but we are assuming this is a simple transaction. Mr. Black here is the originator. Ms. Green is the destination. The ledger entry looks like this. Very simple ledger entry. "Five bitcoin transferred from Mr. Black to Ms. Green." What does the account look like? It looks like that's the date, starting balance from Mr. Black. That's the amount debited. Five Bitcoin is the ending balance. Very simple, very straightforward. Now, what are the problems that might arise in this system? The first problem is maybe the bank manager who keeps the records diverts the money to her own account. Basically, she falsifies the transaction. What does that mean? Instead of writing, "Ms. Green," she writes her own name and transfer the money to her own account. Second possibility, maybe Mr. Black doesn't have any money in his own account in the first place. So when you write a check, the check bounces. Third possibility. Maybe I give my money to Ms. Green, she takes a check from me, but before she has a chance to deposit the check, I go and spend the money on something else. Maybe to buy a coffee. I'm double spending. Or maybe I don't want anyone, even my bank manager, to know that I need to send funds from Ms. Green. That means I want to be anonymous. These are the problems I need. I need to solve the problem of falsification. I need to solve the problem of double spending. I need to solve the problem of anonymity. These are the issues which I'm trying to solve using technology. So, how does a blockchain help? No one has control of the ledger. In other words, Ms. Red cannot divert the money to her own account. In general, no one can falsify anything on the chain, even though nobody is responsible for the ledger. There should be no way for Mr. Black to spend the same money twice. And best of all, everybody's identity can be kept completely secret. The key points. There's some key points which I need to make. The important thing to realize is a blockchain is a way to store data when you do not trust your counterparty. Trust is ensured by technology. What this means is, if you trust your counterparty, you don't need a blockchain. If you do not need to store data, you do not need a blockchain. You need both. If you don't trust your counterparty and you don't need to store data, blockchain is not really relevant. It's a method of storing data. So, what are the different types of blockchains? Turns out there are four types of blockchains. If everybody's allowed to read entries, it's called a public blockchain. Otherwise, it's called a private blockchain. If everyone is allowed to write entries, it's called a permissionless blockchain. That means you need permission to write in the blockchain. Otherwise, it's a permissioned blockchain. You need permission to write in the blockchain. Basically, you have these four types. Anyone can read, anyone can write. That's public permissionless. You have four combinations. You can see these combinations when you have a complete picture, which sort of looks like this. If you're trusted, there's no need for a blockchain. If you are untrusted counterparties, but you have a limited number of counterparties, you have a permissioned blockchain that only a few people can read or write. But you need to let maybe the government tax authorities to check those transactions later on, or an audit committee to check the numbers later on. You need a public, anyone can read it, permissioned, only a few people can write, a public permissioned blockchain. If you don't need to let outsiders look at the data, you can have everything private. Private permissioned blockchain, only a few people can read. Only a few people can write. But the most general form, the part which we're going to talk about today is a public permissionless blockchain. A classic example of that is Bitcoin. The bottom line is simple. Blockchains need to solve three problems. Problem number one, no falsification. Problem number two, no double spending. Problem number three, anonymity.

And they do this using three technologies:

cryptography, hashing, and mining. How did this come about? How were blockchains created? Let me go back to 2008. In fact, Halloween, 2008; that's when this person called Satoshi Nakamoto wrote a white paper talking about the emergency of peer-to-peer system for transferring money. Now, what is interesting about this is number one: nobody knows who Satoshi Nakamoto is. Could be a man, could be a woman, could be a group of people. We have no idea. It's completely anonymous. Second thing is that nobody knew how to price this. It wasn't original. There are a whole bunch of other electronic money before this. For example, Digi Cash was being used in the 1990s. It's a form of electronic money. Never really caught on, but Bitcoin did. What made Bitcoin take off? Well, first thing is Bitcoin being priced at that time. In 2009, one of Nakamoto's colleagues, the way he priced it was simple. He spent a month mining Bitcoin on his laptop. He looked at his electricity bill the previous month, he looked at his electricity bill the next month, all he had done was mine Bitcoin during that month. He said, "I have spent $20 on electricity. This is the number of Bitcoins I have mined." The price of a Bitcoin was 1,980 Bitcoin per dollar. If you could go back to 2008 and buy $1 worth of Bitcoin, at its height in the beginning of 2022, that would have been worth $12 billion. This is the time when I really say, "Damn it, I wish someone invented a time machine." But anyway, Bitcoin bopped along for a few more years. Nobody really was using it. A few people were using Bitcoin to buy pizzas, things like that. It wasn't really that big a deal. But then in 2013, something else happened. WikiLeaks. WikiLeaks basically, if you remember, was when this website basically gave away all the secrets which the American government was holding, and just published it on their website. American government was not happy, declared these guys as terrorists, and banned them from using the US financial system. These guys said, "Fine, we'll use Bitcoin." Now, the whole point, of course, is the people who created Bitcoin didn't necessarily want these people using Bitcoin, but they had no choice. Decentralized system. Anyone can use it. You can't stop anyone from using it. WikiLeaks started accepting Bitcoin. The price of Bitcoin started increasing. Apparently, Nakamoto was still collaborating with a whole bunch of people on discussion boards in that time. Identity was so secret. But then somebody said to Nakamoto, "Look, the FBI is coming to talk to me tomorrow about Bitcoin. What do you think I should tell them?" Nakamoto, apparently the next day, sent out a message saying, "I'm glad to see Bitcoin is in good hands," and disappeared. So no one knows who he is. No one's ever found out who Nakamoto is. And basically, as I'll tell you in a little bit, no one can prove they're Nakamoto either. Several people have tried claiming they're Nakamoto. But anyway, that's the origin story of Bitcoin. It's a currency that actually became well used and famous, mainly because of an external event which they had no control over. In a way it was serendipitous. Now, let's apply Bitcoin to Verona in 1597. The story of Romeo and Juliet. Now, Romeo and Juliet want to send letters to each other. This is a dangerous thing, because their families are fighting with each other. What problems do they face? Well, they need to be sure that no one else can read their letters, because they're not supposed to be writing to each other. Second problem, they need to be sure that the letter is indubitably coming from only the two of them, is not being forged, for example, by Juliet's cousin Tybalt just to entrap Romeo into coming to some place and then murdering him. Fine, even if someone else gets a letter, they should not be able to identify who the sender is. Number four, the letter should not be garbled while the sending process is going on. And number five, both Romeo and Juliet need to be sure that the Romeo or Juliet, the other person, is not writing the same letter to five other girls or boys, These are all important things. You can see they all work for a blockchain. We have anonymity. We have over here completely unstructured data. We'll talk about that in a bit. And you want to make sure that there's no double spending. You don't send the same letter to five different girls. So, how do they do this problem? Well, let's address each of the problems one by one.

There's problem number one:

no one else should be able to read the letter. How do you do that? Well, I'm going to introduce Juliet's lockbox. This is a lockbox. In a typical lockbox, you have a key. You put your valuable stuff inside a lockbox, and you lock the box. You're the only person with a key. Technically, you're the only person who can go into the lockbox and take your stuff out. That's what we call symmetric key cryptography. The only one key, one person, one way to unlock the box, and that's fine. But this box is very special. This reason it is special is because it has two keys, not one, and the two keys work in different directions. What does that mean? Well, let's take a look. First key can only turn clockwise. It cannot turn anti-clockwise and only turn in the clockwise direction, which means you can go from A to B to C. That's it. The second key can only turn anti-clockwise from C to B to A. It can't go the other way. So, two keys. Each one can turn in one direction only. Fine. What good is that? Let's say Juliet has this lockbox. She keeps one of the keys for herself. That's her private key. The key basically, let's say, is the clockwise key. She gets it from A to B to C. That's the only direction her key can turn. What about the other key? Well, she makes 1000 copies of that key. She distributes it to everybody. She hangs some outside her balcony. If you want to, if you ask her for a business card, she'll take a key out and give it to you. She's got a million copies of the key. Everyone can get a copy of the key whenever they want. Fine. What good is it now? Well, let's say Romeo wants to send Juliet a letter. He wants to be sure that no one else should be able to read the letter. What does he do? Juliet's lockbox is outside her balcony, easily accessible, at least in the Romeo and Julia stories. You go to the lockbox, you take your letter, you put it inside the lockbox, and you lock it with Juliet's public key, which he's been giving everybody. The public key, remember, can only turn anti-clockwise. From the unlocked position, it can only go to position A, it cannot go to position C. Position C would be clockwise. You have locked it. Now, who can unlock this? Nobody else who has Juliet's public key, because the public key, remember, only turns anti-clockwise. If it's locked in this position, anti-clockwise would mean trying to force it down to come here, which wouldn't happen. The only person who can unlock the box is Juliet, because she's the only one with a private key, which goes in the clockwise direction. She can put her key in the lock and unlock it, so can make sure that Juliet is the only one who reads the key. Problem number one.

Problem number two:

basically, Romeo needs to be sure that this letter, which he's getting in response, is actually from Juliet. How do you do that? Well, that's what we call a digital signature. Juliet now is sending a response back to Romeo in the same lockbox. What does she do? She puts her response on the lockbox and she locks it. The problem of course is Romeo wants to be sure that this letter is actually from Juliet. Because it could be a forgery, it could be a letter sent by Tybalt saying, "Come to the crypt at midnight." And you go to the crypt at midnight, he's waiting for you with a knife in his hand, stabs you in the stomach, and life is all over. It happens a lot in Shakespeare's plays. And of course, Juliet wants be sure that Romeo trusts her letter, because there's nothing worse than someone showing up. A young, unmarried girl showing up in a crypt at midnight, and your boyfriend is not there. That's dangerous as well. You don't want that to happen. Both of them need to be sure that the letter is indeed from Juliet. What she does is takes her key, her private key, and she locks the box. Now, private key only turns clockwise. She sticks it in the lock, locks it clockwise, position C. Now, who can unlock it? Only someone with Juliet's public key, because that's the only key which will turn anti-clockwise, if you try to turn it the other way, it won't unlock. If you have her public key though, you can go from here, anti-clockwise, turn it back. That private key locking is called a digital signature. If you encrypt a message with your private key, that's guaranteed that that message comes from you. That, by the way, is why people know there's nobody who's actually Satoshi Nakamoto, because no one's been able to unlock any message with Satoshi Nakamoto's private key. Either they've lost the private key, or it just doesn't exist. If you do not have his private key, you cannot prove that you're Satoshi Nakamoto. Anyway but that's weird. I mean, excuse me, anyone can unlock that box now. Anyone who has a public key. How do you make sure the problem number three? Problem number three is, even if someone does intercept the lockbox, they shouldn't know, they couldn't be able to decrypt, find out the identity of the sender. What do you do? Well, Juliet again, she has a lockbox. She puts her letter inside the lockbox, she locks it using her private key. Now, anyone unlocking it with a public key will know when is come Juliet, But I don't want any anyone to open it. I want only Romeo to open it. How do I ensure that? Well, I put it into a second lockbox, and the second lockbox is the one belonging to Romeo, and I lock that using Romeo's public key. Essentially, Romeo is the only one who's able to open the outer lockbox with his private key. Inside that lockbox, he finds a second lockbox, which can only be opened with Juliet's public key. Now, I know that that letter inside comes from Juliet, and Romeo is the only one who can receive that letter. So that's problems one, two, and three is solved. But how do you make such keys? The answer is mathematics. Let me ask you guys a simple question. What is 17959 times 33851? How much time do you think it'll take you to get that answer, in today's day and age? 10 seconds? All you do, pull your phone on, start the calculator, press a button, you give you the answer in five seconds. How about this question? Is this a prime number? A prime number is a number that's only divisible by one or itself. So three, five, seven are prime numbers. Nine is not a prime number, because it's divisible by three in addition to being divisible by one and nine. So, is this a prime number? I can guarantee, unless you've actually seen this number before, it's going to take you a very, very, very long time to figure this out. The answer is, by the way, if you multiply the two, that's the number that takes 10 seconds or five seconds, how much time it takes to type this in your calculator. But this is not a prime number. It's actually the product of two prime numbers. These two are prime, but this is not a prime number. Now, this is what cryptography consists of. Basically, you have a public key consisting of two numbers. Well, one number is a multiplication of two very, very, very large prime numbers. That means in order to factorize these prime numbers, it's going to take you an enormously long time. Most people, if you take sequential computers today, it will take you more time than exists in the entire universe since the universe has begun to actually factorize a number like this. Of course, the private key is also derived to the same two prime numbers. If you can factor a product, you know what the prime numbers are, you should be able to find out the private key. If you use a small pair of prime numbers, it's easy to factorize. The idea is you want a super long prime number. Very difficult to factorize these products. This holds, by the way, in the absence of quantum computing. The story is that once you have quantum computing, that'll be equivalent of throwing millions of computers at the same problem, so it's possible to break that encryption. But as yet, we don't have quantum computing. This is a problem for the future. People are working today on ways to solve the quantum encryption problem. But coming back to our situation, we have solved these three problems. Juliet needs to be sure that no one else can read their letters. You'd be sure the letter is coming from one of them, even if someone else gets the letter, the sender is secret. Now the letters shouldn't be garbled before sending, and of course they need to be sure that they're not writing the same letter to five other people. How do you do those two? Well, let's take a look at problem four. If you think about a king in the medieval ages, for example, who wants to send a message to his general on the battlefield. He might write him a sentence saying, "Attack at dawn." You write a letter, give it to your trusted messenger. He rides across to the general, gives him the message, "Attack at dawn." What are the problems? Maybe the messenger is galloping across the field, the horse breaks a leg, messenger breaks his neck, message never gets read. Second problem, maybe the messenger is intercepted, his message is replaced. But the second message from the enemy saying, instead of attack at dawn, "Retreat at once." So the general retreats, instead of attacking. How do you solve this problem? Well, easy way. You send 20 of messengers. Not one, 20. And some of them, they all take different route. The general comes, gets a message. Gets maybe 16 messages of which 14 say, "Attack at dawn," two say, "Retreat at once," and two never show up. He knows 20 messages been sent. So he says, "Well, I think it is basically attack at dawn, because that's the majority of all the messages." Unfortunately, this doesn't work for Romeo, because Romeo is a romantic. He's not going to write a three word message. He's not even going to write a sonnet. He's going to write a giant thousand verse stanza. Something like the Mahabharata or the Iliad. Massive poem. And it has to be perfect. You can't get a single word wrong. If you say, "Shall I compare the to a summer's day?" And it works out to be, "My idol has feet of clay," they're very different from each other. We don't want to send the second message when you can only send the first message. So how does you solve that problem? The answer is hashing. What we're going to do with hashing is construct a summary of the entire letter, which you do. It has to be just perfect. That means if a single letter is changed in the original poem, the entire hash will be different. How do you do that? Well, the summary should have three characteristics. The hash summary should be the same length. A particular input will always result in the same hash, and there should be something called a no collision property. But moment I say that people say, "Wait, what? What is this hashing? It sounds vaguely illegal, hash or whatever. What's going on over here?" Let's introduce you to somebody called Hans Peter Luhn, who in 1954 got a US patent on a computer for verifying numbers. Now, what was this all about? We see at that time there were a whole bunch of new numbers being introduced for everybody. Credit card numbers, social security numbers, things like that. Everybody needed these numbers, and so people would transcribe these numbers, but they were not electronic. If you make a mistake in writing down the number, maybe you attribute the debt to the wrong person. Someone the wrong credit card number. You need a way to make sure that the credit card number is in fact a valid credit card number. How do you do that? Luhn came up with an algorithm, and the algorithm worked like this. You start with a 10 digit number, and then you go through these steps. I'll go through these steps with you, but once you have this, you'll have a check number at the end and a check number is a summary of the entire credit card number. In later version, the check was just appended to the original number as an extra check digit. I'll give you an example in a minute. But even today, if you take your phones and you have your IMEI number on your phones, they use Hans Peter Luhn's algorithm. Let's start with taking your credit card. Here is a credit card number. Is this valid? Once you look at it, you can see something right away. It starts with three, it's 15 digits, that means an American Express. starts with a four, it's Visa, starts with a five is MasterCard, and so on. You can immediately figure out what that credit card number is, but this is an American Express number. How do we know whether it's valid or not? Well, we are going to start taking the last digit, six. That's our check digit, so take it out. The remaining digits are these numbers. What I'm going to do is double every alternate digit, starting at the right. For example, one becomes two, nine stays as nine, two becomes four, zero stays as zero, one becomes two, two stays as two, and so on. You got the entire contact. All I'm doing is every alternate number I double. So, I have the sequence of numbers over here. Now, in this sequence of numbers, all the double digits I add up. 12 becomes three, 18 becomes nine, 18 becomes nine. Then I add all the digits together, I get 64, multiply that by nine, and look at the last digit of the product. Is the last digit the product the same as the last digit of the original? If it is, that's a valid credit card number. I don't need to go on the internet, I don't need to check anything. I run the algorithm. The last digit is immediately a summary of everything in that number. If this last digit is anything but six, I know this is not a valid credit card number. That's the idea of hashing. Let's take a word, "Adam." And I'm going to give a number to every word. So, Adam becomes A is one, B is two, and so on. Of course, capital A will have a different value from small A. One will have a value, the commas, the periods, all of them will have different values. But let's make it easy. Let's just say small letters in our text, Adam becomes one, four, one, 13. A-D-A-M. Now, I'm also going to fix a fixed length for the summary. Let's say this is 10. Adam takes four digits. A1, 4, 1, 13. What do I do? I tell the person reading it, "This is stopping at four, so add a one to stop it." Then I pad it out with zeros, and at the end I add the number of original digits to look for. Somebody looking at this will say, "Okay, I'm looking for the first four, and I know it stops right here. So, this is my original word I'm looking for." This is the hash. 10 digits. And every hash will have the same thing. If you have something that's longer than four digits, longer than 10, just chop it up. And then, eventually you get to something which is always just 10 digits. Let's take an example. I'm going to show you something called the SHA algorithm. So, this is a typical hash calculator. You can type in anything here. For example, "This is a test." And you ask it to generate the hash. That's the hash it generates. Notice that the hash size will always stay the same, and if you change even a little bit, let me add a full stop over here, the hash becomes completely different. Every hash will be identical for the same one. If I get rid of the dot, I go back in, That's the original hash I just saw. Add a full stop, that's the second hash we just saw. Every one is a hash summary of your original text, and you can do this with any length of texts you want. You can have a simple thing, you can write a letter, you can say. - [Professor Rao] Simple letter, hit the hash, same length. It's a completely different hash over here. If I change even a little bit, maybe I make a little spelling mistake over here, no problem. Hash is completely different. Literally, all I have to do is give you the hash. I know that if the hash doesn't match, I know that something has changed. I don't know what has changed, because I just got the summary, but I know that something is different. That's the purpose of a hash. Now, how do I bring this all together? I also need to be sure the last problem that Romeo is not writing the same letter to five other girls. I'm getting the hash, I'll put the hash in a minute. But the hash is a way of constructing any length I want to get a same summary for that field. This is the last bit. Let me introduce you to Yap Island in Micronesia in the Pacific. This is an island near Palau and Guam, all these areas, pretty remote part of the Pacific, where the Islanders some 1500 years ago had the idea of going 300 miles across the open ocean. By the way, the English Channel, at its narrowest, is about 21 miles. This is something like 15 times the width of the English Channel in the open ocean, to go to a different island to carve pieces of stone and use that as money. How big are these pieces of stone? Pretty big. The size. This is a stone which weighs several tons. It's impossible to move. So, why did this happen? Why are these guys using this as money? Turns out, there's a story. There are lots of stories. This goes back 1500. We don't really know why it happened, But the story is that in the Yap Islands, these guys went fishing, they were blown off course. They landed on this remote island. Their stock of fish all destroyed. They carved a stone out of this calciferous stone over there and they brought it back to show their king. "Oh look, here's our tribute. This is the size of the fish we would've caught, had we caught fish." I mean, if I was a king, I'd be somewhat disappointed. But anyway, the point was that that became used as currency. It became standardized and then they started having stones. How do the stones work? Well, you go to this island 300 miles away, you cut the stone and you bring it back, and then you put it outside your house like this. Now, this value of the stone depends on the story. It doesn't just depend on the size of the stone. For example, it could be that it's commissioned by a famous explorer, increases the value of the stone. Several people died in the ocean while they're trying to bring the stone back, increases the value of the stone. Carved using modern techniques to make it look smooth, decreases the value of the stone, because the amount of effort going to carving the stone is lower. The stone can also earn interest. For example, if you keep the stone outside your house and your daughter later gets married to somebody and has five children who contribute a lot to the society, the value of the stone goes up. But more important, you can use the stone as currency. That means, suppose I want to buy a fishing ground. By the way, there are other measures of things. You just don't use the Yap stones. They also use cloud shells, they also used beads. They use a whole bunch of other things. And today, if you go to Yap Island, they also take US dollars, British pounds, and euros. This is not the only currency they use there, but it's an example of a blockchain. Why? Suppose you have this outside your house, and you want to buy a fishing ground. You don't move the stone, you give possession of the stone to somebody else. That person now has the stone, even though it's outside your house. There's a limited number of tribes in the island. Everybody can trace the entire history of the stones back to the origin. That means, in other words, we know from the time the stone was cut, who owned the stone and who has possession of the stone at any one point in time. That's the idea of a blockchain as well. That means even you buy something on the blockchain, you have to prove where the money came from. You can't just say, "Okay, I have five Bitcoin." Where did you get the five Bitcoin from? Somebody should be able to trace the entire history of Bitcoin all the way back from the genesis block. You can download the entire blockchain onto USB stick, and then you can trace the history of every Bitcoin ever created on that system. You can't double spend, because somebody will go in there and say, "Wait a minute, you say you're spending five Bitcoin. Where did the money come from? I can't see it anywhere in the blockchain." Has to come from somewhere. That allows us to prevent double spending. In a way, it's like saying in Romeo's case, every letter Romeo's ever written is on the blockchain. Juliet can go down a list and say, "Hmm, I'm sorry, you are writing the same letter. I've seen that letter five times in the blockchain. So, you can't write five letters to other people." But who verifies the transaction? The answer is people call them miners. What do the miners do? Their job is to create a solution which is allowed by the system. What does that mean? Let's say one particular solution is you must have three leading zeros in the solution, which is a hash. We try to hash a set of transactions which will fit this pattern. What does that mean? Let's look at a set of transactions like this. "Alice owes Maya one Bitcoin for a movie." That's an expensive movie, because Bitcoin is about $16,000 now. What do you do? What the miner does is miner hashes that set of transactions, picks any set of transactions. Five, 10, whatever. They hash that, you got one hash address. Now, let's take an example. Let's say this is your hash address. You have this, you do calculate a hash. Now notice that hash there, it has 639. It does not starting with a zero, it not doesn't have three leading zeros. This is not a valid solution. What do I do? I add a trial number to the end. I say, "Let's add one," I recalculate it, it starts with a nine, it doesn't work. Let's do it again. Let's start with two. Oh, it starts four. Okay, not good. Oh, it still starts with a one. Let's do four. This is the miner's job. They keep putting in number after number after number into this to get a solution which starts with three leading zeros. Anyone feel lucky? Would you like to give me a number? I have no idea what it is. - [Audience] Eight. - Eight, let's try it. No, I'm sorry. Literally, that's one of the reasons why it's such a difficult job. The miners spend hours trying to solve these problems. And as you increase the number of leading zeros, the problem becomes more difficult, because you have to run through more and more ways of trying to get a perfect hash. So, that's the idea. Once you have the hash, what happens? Well, once you have the hash, what do you do? You basically broadcast to everybody. Say, "I've solved this problem," and you give that number to everybody, they take that thing, put it into their hash algorithm, put that trial number, and check whether it has three zeros. If it does, say, "Okay, we won," and this guy gets a fees paid by every one of this one plus new money created by the system, up to a maximum of 21 million Bitcoin. That's a upper limit set by the system to prevent inflation. But there is a problem. The problem is maybe some nefarious miner comes along and changes the one Bitcoin to 100 Bitcoin after the block is mined. Blocks being mined, the one Bitcoin is gone, and now suddenly Maya has 100 Bitcoin. It means they're going through the same system, they're going to hash blah blah, blah, and get on with it. How do I solve that problem? The answer is actually surprisingly simple. The answer is I go back to this one here, I have my hash for this. I take this hash number, and add it to the beginning of the next block. This is a next block. Say, Gresham owes Babbage for a computer or Babbage owes Kelvin for an electricity bill. You can take that and put in a hash coming out right here. So, in other words, if you go back here and change one Bitcoin to 100 bitcoin, this hash will change, but this hash will not, because this is the original hash. In other words, if I want to change this hash, I have to go, take this previous hash, put it into the next one and redo it. I have to do this fast enough that I can catch up with everybody else who's hashing faster than me. In other words, let me put it in a different way. If I'm hashing, let's say, block 79, I make a mistake, I change block 79, but everybody else is working on block 91, I have to change block 79, then I have to change block 80, because block 80 is chained to block 79. That's what we mean by blockchain, because the blocks are chained together because of the headers. I have to do this fast enough, before people stop finishing up the block 91 and 92. People are adding on blocks at the end. There's nobody who can do this. That's one of the reasons why these things are so difficult to do. Impossible to break a blockchain. Overall, what have we seen? Romeo and Juliet are sending letters to each other. What problems have they solved? Cryptography allows them to solve these first three problems. They show that no one else can read the letters that are completely anonymous. Second thing, hashing. The letter is not garbled during sending. Third, there is mining and verification. They are sure that Romeo or Juliet is not writing the same letter to five other girls or boys. This is the essence of how a blockchain works. Once it's recorded on a blockchain, it's impossible to change that blockchain. That means, essentially, you can write messages in blockchain, you can write contracts in blockchain. Remember, the hash will take any length of contract and compress it to 10 digits, or 256 in digits. By the way, people have also put declarations of love into blockchains. How do you do that? Well, it's easy. You write a long letter in a blockchain, and then you send some money to a non-existent address. That person will never cash the money. It's a non-existent address. You don't send much money. Maybe you send 10 cents, but then inside the blockchain that's preserved, that message is preserved, and you can say, "I love Juliet," or whatever. The problem happens, of course, if you stop loving Juliet, then you can't get rid of that line. It's there forever. You have to say, "Well, that person I referred to as Juliet earlier, please replace that with somebody else." But you have to write new line in the blockchain. So please, if you do have that, do not say something you do not mean. Alright, let's conclude. What can we conclude from this? The biggest thing I guess we can conclude is if this Shakespeare had access to this kind of technology back in the 1590s, there would've been no Romeo and Juliet written, and that would've been a tragedy. Thank you. (audience applauds) - I'm going to start with some online questions, and the first online question I have is, "Professor Rao, do you own Bitcoin?" Have you ever owned Bitcoin? And that's from Wilma. - It's a very good question and the answer is yes. I owned past tense Bitcoin. In fact, I bought this in 2013, when Bitcoin was just first starting out. It was $150 per Bitcoin at that time. I did buy some, and unfortunately I also wanted to see how it works. So, in 2015 when it was still $150 per Bitcoin, I went to San Francisco, I bought some pizza, I bought a pair of pants, and basically now, effectively, my Bitcoin is zero. I do know that, in 2017, when the price of Bitcoin went to $20,000 per Bitcoin, my wife, she said, "Okay, we are rich." And I said, "Oh not quite." - I'm glad to see your wife is still here, and has a blockchain love letter. One more question online, and I'll open up to the audience as well, which is, interesting that you talked about trust here.

A question from Leo online:

"Would a quantum computer be able and be used to track what is a private key?" - Not track what is a private key. You can already track what a key is. You can track all the public keys, but the question I think is more, can a quantum computer break the encryption method? And in theory, yes, because prime number factorization is a problem which is relatively easy for a quantum computer to break, but there are no quantum computers out there. Hopefully, that is a problem which needs to be solved, but not for the immediate future. - [Audience] It could just be because I don't understand it properly. I was just asking, with the mining, do they have to physically plug stuff in? I would assume- - No, no, no. Very good question. So no, you don't physically type stuff in. That was to show how slow it is. What you technically have are massive ranks of computers, You have factories with just units meant to process this. That means, by the way, that has a consequence. The consequence is Bitcoin mining is one of the most environmentally unsustainable activities there is, because what they're doing is using massive amounts of energy to solve a rather meaningless problem. So, essentially, you end up consuming as much electricity. Bitcoin mining at the moment will consume as much electricity as the entire country of Switzerland. One of the big advantages which Ether Merge had in September was that they shifted from what we call a proof of work to a proof of stakes stage. And that dropped the electricity consumption dramatically for Ether. I will talk about that in January. But you're absolutely right. This is a major environmental issue. You don't do this by hand, I was just showing you how to do it. - [Audience] So, if it can be performed by a majority attack? - Yes, it can. But the question is, it depends on the liquidity. If you think about Bitcoin, Bitcoin is far too large and far too liquid in order to be done with the majority attack. But if you have a small token, like something which is not liquid, something which is not easily traded, yes, there's several cases when that has happened. You can buy 51% of it, and then suddenly issue a trillion credits in your own name, and then walk away with all the money. There's several examples where that has happened. But Bitcoin is the one case, Bitcoin and Ether, the two cases which are so liquid, it's impossible to do that. - [Audience] Okay, thank you. - At the moment. - [Audience] You explained already what's happening: somebody has to solve a mathematical puzzle. There must be a controlling mind. There's got to be something behind it that sets the puzzle, and if you like, that marks it. We don't seem to know that. You mentioned Mr. Nakamoto, who people say is an Australian called Craig. Surely we must know more about the controlling mind we clearly trust this whole- - Let me explain. That's actually a very good question. There is no controlling mind. That's the beauty of Bitcoin. It's all technology. The system wants to make sure that you're not creating money too fast. That creates inflation. So, what it does is measures the speed with which the problems are being solved. If the problems are being solved too fast, it increases the difficulty of the problem. It says, "Not three leading zeros, but now I want four leading zeros." So, it slows down. It's an automatic algorithm. It just works for seeing how fast people are solving the problems. - [Audience] But somebody wrote that program. - Somebody did write that program. - [Audience] Who is it? - Well, the first idea was Satoshi Nakamoto, but there's a whole group of people who worked on that idea. Nakamoto came up with the original idea, but it was never meant to be a fully fledged operational system, mainly because he fixed several things in it, which need not have been done. There's a maximum limit of 21 million Bitcoin which can be mined in the system. That was because, at that time, there was a huge number. He never thought we'd get anywhere near there. We're almost there now. It was an experimental system which took off, and now is incredibly popular. So, if we had to go back and rewrite it, you might have picked a different system. And that's what a lot of cryptocurrencies are doing, trying to solve the problems which Bitcoin had, which was never meant to solve. - Thank you Professor Rao. Love, Trust, and Crypto. Fascinating. I'd like to thank Professor Rao for his insights, for simplifying the complex, and add an element of romanticism around it. I'd ask you to give us round of applause, for professor Rao. Thank you. (audience applauds)