【译】What is a UTXO, and how does it work for a blockchain ledger?

今天我想介绍区块链如何运作的基本知识,以及它如何以安全的方式追踪资金。 我将介绍UTXO模型,比特币和Qtum使用它。 区块链上还有另一种叫做账户模式的资金管理方式,但这里不会涉及。

首先我想给出一些定义,以免你对比特币一无所知。

  • 单向散列(或简称“散列”) - 一种将数字数量转换为固定长度“摘要”的加密算法。 该算法通过仅给出摘要的方式来做到这一点,不可能确定输入数据是什么,并且此外不可能预测来自给定输入数据的摘要是什么。 最常见的例子是在比特币中广泛使用的SHA256,但还有很多其他的包括SHA3,RIPEMD160,scrypt等等。
  • 公钥密码系统 - 一种密码机制,通过它可以将“私钥”密钥转换为“公钥”并用于证明私钥的所有权而不泄露秘密。 此外,可以使用公钥对数据进行加密,以便只有持有私钥的人才能对其进行解密。 在比特币中,这通常用于签署交易。 有可能通过仅使用签名数据和公钥来证明交易的创建者拥有私密密钥。
  • Merkle root - 一种树型数据结构,它使用单向哈希来保存多个数据片段,使得在不改变merkle根哈希的最终值的情况下,树的输入中的任何数据都不能被修改。
  • UTXO - 未使用的事务输出,事务中未使用的输出
  • Block - 区块链上最小的可验证且不可伪造的单位。 它包含各种数据来证明它的共识以及交易

那么,让我们来谈谈交易如何在这方面发挥作用。 比特币交易在某些方面类似于收银员的支票。 当你想花费一笔交易的“输出”时,你必须花费整个事情。 这与您无法走进银行并说“我想兑现这张支票的一半”类似。 但是,在这种模式下,没有相当于现金或银行账户。 因此,为了在任何地方汇款,您必须“兑现”支票,并从兑现流程中“输出”支票到您预定的目的地,然后再查看自己。

这个“兑现过程”实际上是比特币中的交易。 在一笔交易中,您花费了一次或多次“支票”(实际上称为UTXO),并从这些花费的资金中为新目的地创建一个或多个UTXO。 您在交易中使用的UTXO称为“vins”,您创建的新UTXO称为“vouts”。 一旦UTXO被一笔交易花费,它可以被认为已经消失并被销毁。 你可以在区块链中看到它的历史,但是没有什么可以做到的。

所以,目前我们的系统中存在的一个问题是,检查通常会写出姓名,例如“Jordan Earls”。 任何人当然可以说他们是互联网上的任何名字。 这是我们将公钥加密和编程引入UTXO的地方。 在比特币中,UTXO包含一个脚本或一个计算机程序,如果您可以通过说“真”来使脚本结束,那么这些脚本或计算机程序是可以使用的。 让我们看看最简单的脚本,它可以做一些有用的事情:

 [pubKey] OP_CHECKSIG 

这被称为“pay-to-pubkey”脚本 这是第一个标准的比特币交易类型。 第一项是[pubKey] 这是公钥的数据。 请记住,每个公钥都有一个私有密钥,它的所有者保密。 发布公钥是安全的,但不公开私钥。 比特币“脚本”语言是基于堆栈的。 所以想象你有一堆文件。 你把公钥写在一张纸上,然后放在堆栈上。 该脚本的下一部分是OP_CHECKSIG。 这个特定的操作将会从堆栈顶部取走两件东西。 它的第一件事就是公钥。 然后,它的第二件事就是加密签名。

不过现在这很混乱。 OP_CHECKSIG从栈中获取2个值(也称为参数),但我们的脚本似乎只有1个值, pubKey 这是vin部分变得重要的地方。 您可以将vout脚本想象为支票上的“付款”字段,并将vin脚本想象为您在后面签名的地方,证明您确实是“付款至”字段中的预定方。 在比特币中,脚本只有在花费之后才会执行。 当它被使用时,它首先执行vin脚本,然后将结果数据从vin栈放到vout栈中。 所以在实际执行中,脚本可能看起来很像:

 [signature from vin] [pubKey] OP_CHECKSIG 

人们可以认为vout脚本是一种挑战,而vin则是让vout满足它的答案。 无论如何,现在我们有一个提供签名并尝试花这些资金的vin,我们实际上可以执行脚本。 如果签名和公钥是有效的,那么OP_CHECKSIG将在堆栈上推“真”,导致UTXO成功消耗。

所以在一个交易中,每个vin指定一个以前的UTXO,并提供一个导致UTXO脚本返回“true”的答案。 如果使用了无效签名或类似签名,则脚本将返回“false”并且该事务无效。 部分消费UTXO是不可能的。 它必须完全用完或者保持不动。 这意味着如果你有一个UTXO值10个令牌,并且你想向Bob发送7个令牌,那么你必须进行一个花费这10个令牌UTXO的事务,并创建2个输出。 一个输出给Bob(使用他的公钥)和一个输出给你自己(确保你可以给vout提供一个“回答”来成功地使用它)。 这第二个输出回到自己被称为“更改地址”。

最后,我们有一种使用事务和脚本交换令牌的合理方式。 但是,我们面临一个问题。 当有人向您发送交易输出时,您如何确定其交易的结果只使用未消耗的输出。 这是区块链概念变得重要的地方。

比特币中的一个块有一个标题。 标题包含以下内容:

  • 先前的块头散列
  • 块中所有事务的Merkle根散列
  • 创作时间
  • 困难
  • 杜撰

该块的主体是完整的交易(最终也是证人,但这是另一个话题)。

由于每个块都包含对前一个块的引用,所以不可能秘密修改前一个块。 修改以前的块会改变块散列,从而破坏由块散列组成的“链”。

比特币使用工作证明(PoW)共识系统。 这将在后面的文章中更详细地解释,但基本上它是一个系统,要求块创建过程中的参与者(矿工)投入一定数量的计算工作来解决难题。 解决这一难题的第一位矿工获得了奖励,他们创建的块被添加到网络的区块链中。 必须完成多少工作由块中指定的“难度”控制。

在PoW中,只有块头实际用于共识机制。 merkle root hash确保尽管如此,可以验证块体中的每个事务,并确保每个事务都已收到。

一旦创建了块,交易可以被认为是永久性的。 “双重支出”UTXO的唯一方法是取代发生支出交易的区块。 这在某些情况下可以自然发生(称为孤立块),但由于在包含块的事务之上构建了更多块,因此这种可能性成指数性地降低了可能性,并且此外需要指数级更多的工作来恶意攻击和替换。

这就是为什么许多接受比特币的服务等待3或6个确认(块放置在包含块的交易之上)。 区块链可能被破坏,并且这些资金被另一笔交易花费是难以置信的。

我们只剩下一个问题。 令牌最初来自哪里? 他们来自采矿过程。 作为采矿的一部分,矿工增加了一项名为“coinbase”交易的特殊交易。 这笔交易没有投入,并且允许有一定数量的产出(比特币目前为12)。 这个coinbase交易是流通中的所有代币实际来自哪里。 如果没有令牌,就不会创建任何交易,因此没有任何事情要做。

现在我们有一个功能正常的区块链,它能够安全地保存它的价值,确保双重支出极难执行(并且通过更多确认来增加难度)。 您现在应该足够了解比特币,Qtum和其他UTXO加密货币在协议级别的真实工作原理,并且可以开始查看区块链中更高级的主题。

参考文献:

  1. https://en.bitcoin.it/wiki/Script#Obsolete_pay-to-pubkey_transaction
http://earlz.net/view/2017/07/27/1820/what-is-a-utxo-and-how-does-it

展开阅读全文

What is a pending transaction?

08-24

I have read the content of "SqlConnection.Close() method rolls back any pending transactions." in msdn library, and msdn library also said "SqlConnection.Close() method releases the connection to the connection pool, or closes the connection if connection pooling is disabled."rnrnrnI created a stored procedure in Northwind db like this:rnrncreate proc dbo.TestProcrnasrnbegin transactionrn delete dbo.[Order Details];rngo rnrnI created some code to execute the stored procedure like this:rn rn static public void Test()rn rn string connectionString = "Integrated Security=true;Initial Catalog=Northwind;server=(local);Connection Lifetime = 60";rn rn SqlConnection sqlconnection = new SqlConnection();rn sqlconnection.ConnectionString = connectionString;rn SqlCommand sqlCommand = new SqlCommand("dbo.TestProc");rn sqlCommand.CommandType = CommandType.StoredProcedure;rn sqlCommand.Connection = sqlconnection;rn tryrn rn sqlconnection.Open();rn sqlCommand.ExecuteNonQuery();rn rn catchrn rn rn finallyrn rn sqlconnection.Close();rn rn rnrnClearly, the database connection is put into the pool after the Sqlconnection.Close() is invoked. But after the Sqlconnection.Close() is invoked, the transaction is still on the database connection, and at that time the connection is in the pool.rnrnrnI have create a query like this:rnrnselect open_tranrnfrom dbo.sysprocesses as prn inner join dbo.sysdatabases as drn on p.dbid = d.dbidrnwhere d.[name] = N'Northwind';rnrnand the result has only one row:rnrnopen_tran rn--------- rn1rnrn(1 row(s) affected)rnrnrnI think the not completed(committed or rollbacked) transaction in the example procedure is not a pending transaction, because the Sqlconnection.Close() method is not rollback the transaction. rnThus, my question are:rnrna) What is a pending transaction?rnb) How to check transaction count in c# code, besides execute T-SQL batch include "@@error".rnc) Is the not completed transaction in T-SQL only manual committed? Are there better methods to solve the not completed transaction problem?rn 论坛

What's In A Name?

01-16

DescriptionnnThe FBI is conducting a surveillance of a known criminal hideout which serves as a communication center for a number of men and women of nefarious intent. Using sophisticated decryption software and good old fashion wiretaps, they are able to decode any e-mail messages leaving the site. However, before any arrest warrants can be served, they must match actual names with the user ID's on the messages. While these criminals are evil, they're not stupid, so they use random strings of letters for ntheir ID's (no dillingerj ID's found here). The FBI knows that each criminal uses only one ID. The only other information they have which will help them is a log of names of the people who enter and leave the hideout. In many cases, this is enough to link the names to the ID's.nInputnnInput consists of one problem instance. The first line contains a single positive integer n indicating the number of criminals using the hideout. The maximum value for n will be 20. The next line contains the n user ID's, separated by single spaces. Next will be the log entries in chronological order. Each entry in the log has the form type arg , where type is either E, L or M: E indicates that criminal arg has entered the hideout; L indicates criminal arg has left the hideout; M indicates a message was intercepted from user ID arg. A line containing only the letter Q indicates the end of the log. Note that not all user ID's may be present in the log but each criminal name will be guaranteed to be in the log at least once. At the start of the log, the hideout is presumed to be empty. All names and user ID's consist of only lowercase letters and have length at most 20. Note: The line containing only the user ID's may contain more than 80 characters.nOutputnnOutput consists of n lines, each containing a list of criminal names and their corresponding user ID's, if known. The list should be sorted in alphabetical order by the criminal names. Each line has the form name:userid , where name is the criminal's name and userid is either their user ID or the string ??? if their user ID could not be determined from the surveillance log.nSample Inputnn7 nbigman mangler sinbad fatman bigcheese frenchie capodicapo nE mugsy nE knuckles nM bigman nM mangler nL mugsy nE clyde nE bonnie nM bigman nM fatman nM frenchie nL clyde nM fatman nE ugati nM sinbad nE moriarty nE booth nQ nSample Outputnnbonnie:fatmannbooth:???nclyde:frenchienknuckles:bigmannmoriarty:???nmugsy:manglernugati:sinbad 问答

what a strange question!!!!!

01-15

private void Page_Load(object sender, System.EventArgs e)rn rn // 在此处放置用户代码以初始化页面rn rn Table table1=new Table();rn rn TableRow row=new TableRow() ;rn rn for(int j=0;j<2;j++)rn rn TableCell cell = new TableCell();rn if(j==0)rn rn CheckBox checkbox=new CheckBox();rn checkbox.ID="aaa";//这里改成checkbox.ID=j.ToString()点击按钮就不到,只能给定具体ID才能找到rn rn cell.Controls.Add(checkbox);rn rn rn row.Cells.Add(cell);rn table1.Rows.Add(row);rn rn rn rn table1.Style.Add("position","absolute");rn table1.Style.Add("left","200px");rn table1.Style.Add("top","200px");rn table1.Style.Add("width","100");rn table1.Style.Add("height","100");rn table1.BorderWidth=1;rn Page.FindControl("Form1").Controls.Add(table1);rn rn rnrn #region Web 窗体设计器生成的代码rn override protected void OnInit(EventArgs e)rn rn //rn // CODEGEN: 该调用是 ASP.NET Web 窗体设计器所必需的。rn //rn InitializeComponent();rn base.OnInit(e);rn rn rn /// rn /// 设计器支持所需的方法 - 不要使用代码编辑器修改rn /// 此方法的内容。rn /// rn private void InitializeComponent()rn rn this.Button1.Click += new System.EventHandler(this.Button1_Click);rn this.Load += new System.EventHandler(this.Page_Load);rnrn rn #endregionrnrn private void Button1_Click(object sender, System.EventArgs e)rn rn CheckBox checkbox1=new CheckBox();rn for(int i=0;i<2;i++)rn checkbox1=(CheckBox)Page.FindControl("aaa");//这里把"aaa"改成i.ToString()就找补到该空间WHY???rn if(checkbox1!=null&&checkbox1.Checked==true)rn Response.Write(" ");rn rn 论坛

ASP.NET Does Not Work with the Default ASPNET Account on a Domain Controller

11-21

BUG: ASP.NET Does Not Work with the Default ASPNET Account on a Domain ControllerrnThe information in this article applies to:rnMicrosoft ASP.NET (included with the .NET Framework)rnMicrosoft Internet Information Services 5.0rnMicrosoft Mobile Internet Toolkit (MMIT)rnrnThis article was previously published under Q315158rnSYMPTOMSrnAfter you install Microsoft Visual Studio .NET or the Microsoft .NET Framework on a domain controller or on a backup domain controller, if you try to run an ASP.NET application, the browser displays the following error message: rnrnServer Application UnavailablernrnThe web application you are attempting to access on this web server is currently unavailable.rnrnPlease hit the "Refresh" button in your web browser to retry your request. rnFurthermore, the following event is logged in the system application event log: rnrnaspnet_wp.exe could not be launched because the username and/or password supplied in the processModel section of the config file are invalid.rnaspnet_wp.exe could not be started.rnHRESULT for the failure: 80004005 rnThis applies to Internet Information Services (IIS) version 5.0 or later. rnCAUSErnBy default, ASP.NET runs its worker process (Aspnet_wp.exe) with a weak account (the local machine account, which is named ASPNET) to provide a more secure environment. On a domain controller or on a backup domain controller, all user accounts are domain accounts and are not local machine accounts. Therefore, Aspnet_wp.exe fails to start because it cannot find a local account named "localmachinename\ASPNET". To provide a valid user account on the domain controller, you must specify an explicit account in the section of the Machine.config file, or you must use the SYSTEM account. rnrnNOTE: If you try to debug (click the Start button) before you try to browse to the page you can experience the exact same problem. rnRESOLUTIONrnTo work around this problem, use one of the following methods: rnCreate a weak account that has the correct permissions, and then configure the section of the Machine.config file to use that account.rnSet the userName attribute to SYSTEM in the section of the Machine.config file.rnConfigure the section of the Machine.config file to use an administrator account.rnNOTE: Allowing ASP.NET applications to run as SYSTEM or an administrator account has serious security implications. If you use either of these workarounds, code that is run in the Aspnet_wp.exe process will have access to the domain controller and the domain settings. Executable files that are started from the Aspnet_wp.exe process run in the same context and also have access to the domain controller.rnrnTherefore, Microsoft recommends that you use the first workaround. To use the first workaround, follow these steps: rnCreate a user account on the computer named ASPUSER, and then add this account to the Users group.rnrnNOTE: You can also use the ASPNET account that the .NET Framework created if you change the password on this account. You must know the password on this account because you add the password to the section later in these steps.rnGrant the ASPUSER or the ASPNET account the Log on as a batch job user right. Make sure that this change appears in the Local Security Policy settings.rnrnNOTE: To grant the Log on as a batch job user right on this account, you may have to grant this user right in each of the following security policies (From the Control Panel/Administrative Tools): rnrnrnDomain Controller Security PolicyrnDomain Security PolicyrnLocal Security PolicyrnrnNOTE: You may have to reboot the server for these changes to take effect.rnMake sure that the ASPUSER or the ASPNET account has permission to access all of the necessary directories and files to start the Aspnet_wp.exe process and to serve the ASP.NET pages.For additional information about what permissions you must grant to this account, click the article number below to view the article in the Microsoft Knowledge Base: rnrn317012 INFO: Process and Request Identity in ASP.NET rnrnrnOpen the Machine.config file. The path to the file is: %Systemroot%\Microsoft.NET\Framework\v1.0.3705\CONFIG.rnIn the section of the Machine.config file, change the userName and the password attributes to the name and the password of the account that you created in step 1. For example:rnuserName="DomainName\ASPUSER" password="ASPUSERpassword"rnSave the changes to the Machine.config file.rnSTATUSrnMicrosoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article. rnREFERENCESrnFor additional information about ASP.NET security, click the article number below to view the article in the Microsoft Knowledge Base: rnrn306590 INFO: ASP.NET Security Overview rn 论坛

没有更多推荐了,返回首页