Colorado Blockchain is the place to start
This is your official invite to come and explore with us. We value learning cooperatively and can't wait to meet you!
What are some common terms / jargon / lingo I should know?
- Distributed: To divide or share something among many. Opposite of centralization.
- Ledger: a book or other collection of financial accounts of a particular type.
- Database: a structured set of data held in a computer, especially one that is accessible in various ways.
- Cryptography: The practice and study of techniques for secure communication in the presence of third parties called adversaries.
- Encryption: The process of encoding a message or information in such a way that only authorized parties can access
- FUD: Fear, Uncertainty, and Doubt.
- FOMO: Fear of Missing Out.
- Immutable: Can't be changed. Unalterable.
- Proof of Work (PoW): A method to ensue a security against attempts to change data on a distributed ledger.
What is a Blockchain?
A blockchain is a way to store blocks of data in a database. Each new data entry also has a reference to the last piece of data. So every entry is linked to the last in a chain. Thus if any block is altered, all following blocks must be changed.
What is a Distributed Ledger?
A distributed ledger is a shared common database of transactions among many peers. Many of those peers hold a copy of this database, and every copy is identical. It allows for new peers to join and leave the network while preserving the data.
What is a Cryptocurrency?
A cryptocurrency is a distributed ledger that stores transaction data in a blockchain . Transactions are only allowed (valid) if the owner of the cryptocurrency's private key is used to sign the transaction.
What is a public/private key pair?
- A public key is used to encrypt data. A private key is used to decrypt data. Thus if I only have one key, I can only encrypt or decrypt data. A private/public pair is formed to let the pair owner share the public key and keep the private key secret. Thus only the owner can decrypt data that anyone who uses their public key to encrypt.
- A good analogy is a username/password pair. Everyone can see your username (like "blockchainGeek123") and if you tell people that is your username, they know who it belongs to. But you don't tell anyone your password. It is how you prove that you are the owner of that username.
Who is in charge? Who controls and operates it all?
You do! When you are the only one with access to your private key, you are in complete control. When you open an account with a bank or exchange service that holds your private key for you, they create an account for you in their system. They can manage your account and provide services, like refunding transactions when your card gets stolen, enable you to write a check or charge your debit card. They decide how much money you can send, where you can send it, and how long to hold on a suspicious deposit. All for a fee. When you hold your keys, you are in absolute control of your cryptocurrency.
Who do I contact if I want to dispute a charge?
Cryptocurrency is much the same as physical currency in that if you give it to the wrong person or they don't follow up on their end of the transaction, only they can return your funds. Your only other recourse may be seeking legal support.
No outside party can:
- Access your account or send your funds for you
- Recover or change your private key
- Recover or reset your password.
- Reverse, cancel, or refund transactions.
- Freeze accounts.
You are completely responsible for your security! Thus:
- Be diligent to keep your private key and password safe. Your private key is sometimes called your mnemonic phrase, keystore file, UTC file, JSON file, wallet file.
- If you lose your private key or password, no one can recover it.
- If you enter your private key on a phishing website, you will have all your funds taken.
Why are there fees to send my funds? Who receives them?
In order to validate transactions miners are in charge of running the software ensuring no peer on the network is lying or cheating. For this service, all peers pay. At the moment, proof of work is the primary tool used to secure blockchains.
Security and Trust
Why should I trust these systems are what they claim?
Distributed Ledger Technologies (DLTs) are vey carefully designed to make cheating or lying cost more than you could get in return by exploiting the weaknesses in the system. Proof of Work (PoW) is the main way DLTs do this at present.
POW is a race between all miners in a their respective distributed ledger (DL) network to find a solution to a very difficult math problem. The problem produces a special number that is tied to the incoming transaction data on the network. When a valid solution is found, the winning miner records and broadcasts those transactions with their solution to their DL and receives the transaction fees. As miners expend a large amount of energy and computational resources to do this, it is always more profitable to play fair than to try and cheat the system by design. (More details) . There are also less energy intensive schemes that are being developed as alternatives to Proof of Work
How safe are my funds from hackers?
There are three factors critical to how safe your private keys - the ability to use your funds - are from being stolen: Key, Hardware, and Personal security.
Private key security: can keys be guessed or hacked?
If someone has a private key that is paired to a public key with currency in it, they can spend it. No matter how the true owner has stored it (wallets/exchanges/cold storage). Someone may try to randomly search for your private key - the so-called brute force attack. This is also what someone might do to try and guess your passwords.
The longer and more random your password is, the less likely it is to guess. For each added character, the strength of your password increases exponentially. The total number of charters possible (94 for the standard English keyboard with capital letters, symbols, and numbers included) to the power of the password length is the total number of possible passwords one would need to guess every possible password. So the number of guesses needed to try all 8 charter passwords (like "password") is:
94^8 = 6,095,689,385,410,816 --- or just over 6,000 trillion combinations.
That sure seems like a lot, But with modern computing hardware and sophisticated techniques, it may only take 6 hours to do this. (details here)
As an example, Bitcoin uses 254 bit keys. Supposing you could generate a billion guesses per second on a powerful single desktop, getting a billion of those machines doing this together, you would still need 3,740,000,000,000,000 years (on average) to find it. That is longer than the expected life-space of the universe as we know it. Better get moving!
Computer security: can the machines and software storing my keys be hacked?
(section under construction!)
Where you store and how access your cyprocurrency private keys matters. From the origin/generation of your private key through all transfers to and from it, there are ways that a bad actor could gain access to it and steal your assets. There are two primary places to store your keys:
- At present, centralized exchanges (like coinbase, gemini, kraken, kucoin, binance, etc.) are the easiest and arguably best way to easily buy, sell, and trade cryptocurrencies. (*But this is changing with developments in peer-to-peer trading and decentralized swaps)
- The security responsibility is on the exchange beyond your passwords and 2 factor authentications.
- There may be ways to dispute charges in the event of errors in transactions.
- When you have an account at an exchange served (exactly like at a bank) you do not own your crypto - they do. You own a promissory note to retrieve or trade those assets that they own “for you”.
- Exchanges are very high value targets for hackers. It is much more likely for a bad actor to try and get into their systems as the return on investment for a breakin is likely much higher than for you as an individual.
- There are many examples of exchanges already being hacked and user’s funds being stolen.
- Wallets are software tools to store your keys on you own. Typical wallet software includes ways to generate new private/public key pairs, view balances, send/receive funds, and securely store all this information on your machine via a password.
- Hot Wallets are on a machine connected to the internet. So it is possible for a hacker to get access to the walet’s information remotely. But it also can easily send/receive funds and check balances on this machine.
- Cold Wallets are not connected to the internet. Safer, but you need another machine to send/receive funds and check balances.
- Paper Wallets: These are literally printed copies of your private / public keys. With this information and a walet software, you can access your funds.
Personal security: can I be hacked?
(section under construction!)
Yes. :) more to come...
Laws and Regulations
Are cryptocurrencies legal?
Very few countries have gone as far as to declare cryptocurrencies illegal. That does not, however, mean that cryptocurrencies are "legal tender" – so far, only Japan has gone as far as to give bitcoin that designation. However, just because something isn't legal tender, does not mean that it cannot be used for payment – it just means that there are no protections for either the consumer or the merchant, and that its use as payment is completely discretionary. (More Info)