You might wonder about how blockchain came to be? The answer’s here:
A section of the transcript:
Joining us today is one of the most cited authors of the Bitcoin white paper, Stuart Haber. Stuart, along with his co-author Scott Stornetta, made the first blockchain by conceptualizing the idea of a timestamp digital document and deploying it commercially in the 90s. On that note, I’ll turn it over to Stuart so he can tell you where he’s coming from and how he made this whole blockchain thing happen. Hi Stuart.
3:19
Stuart Haber: Hello everybody. I suppose the place to start is to tell the brief version of the genesis of the blockchain idea. I was a cryptographer at Bellcore (Bell Communications Research), which for those who are old enough was the Bell Labs of the local phone companies, the Baby Bells, when Ma Bell broke up. Bellcore was modeled on the legendary Bell Labs. I’ve been there a couple of years, working as a cryptographer. I had written my thesis before that on zero-knowledge proofs and multi-party computation when that was brand new stuff. A new hire named Scott Stornetta came to the lab. He was very worried about the problem of ensuring the integrity of digital records of all kinds. Remember, this was 1989; the internet existed, but the World Wide Web didn’t yet. It was clear that all the world’s records were moving online, and we worried about how to ensure their integrity.
4:59
If you think about that, a digital record is a single thing. The only sensible way of addressing the problem is to have some sort of algorithmic system for registering a document and thereby producing a digital certificate that can be validated or verified to prove the integrity of the original record. Public key cryptography and one-way hash functions were already around at that time, so the obvious solution was what we called the “hash and sign” solution: trust some entity to sign an assertion “I saw these bits at this time,” where the bits are the one-way hash value of the record in question. This is fairly straightforward, but Scott and I were enormously dissatisfied with that solution because it required trusting the signer, the signing person, entity, or company.
6:09
Back then, there was a company that was trying to make a business of hash-and-sign timestamping. They had a multi-million dollar atomic clock which they would happily sell you as part of the system. We wanted to ensure the integrity of digital records without relying on a single centralized trusted entity. We had trouble doing that and even tried to prove that there was no better way of doing it. Proving something is impossible is much harder than proving a positive. While thinking about the model of computation, Scott and I realized that by having the whole world watching what we were doing, we could enable the validation of digital records without relying on a single entity. We designed, over the course of a couple of papers (first in 1990 and second in 1991), what you would now call the blockchain: a hash-linked chain of roots of Merkle trees of hash values of individual records.
9:00
Stuart Popejoy: Right, and shortly thereafter, you guys would start a commercial venture that would begin timestamping digital documents in this thing that wasn’t yet called a blockchain.
9:19
Stuart Haber: Right. We didn’t call it a blockchain. When I give talks about this now, I talk about grouping records into what I now call a block, building a Merkle root, and then linking these together. We spun out of Bellcore a company called Surety and deployed a service for certifying and checking the integrity of digital records. In 1995, we achieved worldwide consensus on the hash values by putting a small classified ad in the national edition of the Sunday New York Times. That blockchain is still running. Inside the Sunday New York Times is a classified ad with a hash value that depends on every request Surety has received since it was first running commercially in early 1995. Scott and I rediscovered the first such ad placed in the New York Times in 1991 when the first version of the code was running in Bellcore.
12:34
Stuart Popejoy: That’s amazing, 18 years before Bitcoin.
12:46
Stuart Haber: When Satoshi was putting together the Bitcoin system, he/she/they needed a way to ensure the integrity of digital records. The best solution was the hash linking we had described, which Satoshi adopted. They beautifully linked the hash linking with the idea of mining to ensure the completely self-contained security of the system. The proof-of-work part replaces the New York Times but uses the same data structure.
13:57
Stuart Popejoy: The integrity is guaranteed by the data structure. What makes it unnecessary to use something like the New York Times is the proof-of-work consensus. The same design was used, but with hash functions maturing by the time Satoshi came along.
14:19
Stuart Haber: Right. Scott and I wanted to minimize our dependence on centralized entities, so we also wanted to minimize our dependence on mathematical assumptions. We worried about hash collisions, which occur when two records have the same hash value. When we first deployed the system in 1991, we used two hash functions: MD5 and SHA-1. Both were eventually shown to have collisions, but we used the combination to reduce risk. We built the Merkle tree using both hash functions. In 1991, we spoke about how to swap in a new hash function should it be necessary. Surety actually did that when weaknesses in MD5 were shown. We switched to SHA-256 and RIPEMD-160, which is now used in Bitcoin.
Here’s another good article: Bitcoin’s Academic Pedigree - ACM Queue
