blockchain

1 files changed, 50 insertions, 3 deletions

diff --git a/introduction.tex b/introduction.tex
index a3c3e07..9e7c318 100644
--- a/introduction.tex
+++ b/introduction.tex
@@ -475,9 +475,56 @@ We have the following security and correctness properties for GNU Taler
 While anonymity and unforgeability are common properties of e-cash, we are not
 aware of any other treatments of income transparency and conservation.
 
-%\section{Distributed Ledgers and Byzantine Consensus}
-
-%Blockchain=consensus+integrity(+governance etc)
+\section{Distributed Ledgers and Byzantine Consensus}
+The main purpose of Blockchains, including those implementing cryptocurrencies,
+is to maintain a distributed ledger that holds state, together with rules on
+how this state can be updated.  The name ``Blockchain'' derives from its
+structure:  A list of updates (``transactions'') is bundled into a so-called
+block, and each block contains a hash of the previous block.
+
+Multiple parties agree on the current state of the ledger by agreeing on a
+``head'' of the chain of blocks.  With proof-of-work blockchains such as
+Bitcoin, each block contains the solution to a computationally expensive puzzle
+that is derived from the contents of the block.  The block that, together with
+its ancestors, contains the most expensive accumulated work (and respects the
+rules of the Blockchain with regards to what transactions are valid) is
+considered the head of the chain.  All participants of the network can ``mine''
+a block by collecting transactions and trying to solve the corresponding
+computational puzzle.  Successful miners are rewarded with a mining reward and
+transaction fees. This type of agreement on a ledger is also called ``Nakamoto
+Consensus'', after the inventor of Bitcoin.  The result of the agreement is not
+final:  if a branch originating from an earlier block of the chain accumulates
+more work, it becomes the canonical head.  While this type of consensus has
+some attractive properties---there is no fixed set of members, and remains
+secure as long as an adversary has less than 50\% of computational power---it
+consumes a huge amount of energy to provide for computation of the
+proof-of-work puzzles..
+
+After Bitcoin popularized the concept of Blockchains, alternative consensus
+mechanisms were proposed to replace or augment proof-of-work.  In
+proof-of-stake Blockchains, a single node is selected as a validator.  The
+validator must provide a safety deposit (the ``stake''), and if any misbehavior
+is detected, the safety deposit is destroyed.  If the validator behaves
+correctly, they earn transaction fees and get back their safety deposit.
+Currently proof-of-stake protocols are still in development, and often require
+falling back to other consensus mechanisms in certain situations.
+
+Permissioned Blockchains have a known, relatively small set of participants,
+and can rely on more traditional and cheaper consensus algorithms.  When
+resilience against actively malicious members is required, a so-called
+Byzantine consensus protocol must be used.  Byzantine consensus protocols
+typically agree on a single value at once.  In Chapter~\ref{chapter:consensus}
+we introduce a Byzantine consensus algorithm that can be used to agree directly
+on a (super)set of all transaction that honest peers proposed.  This allows for
+implementations of permissioned blockchains where transactions are accumulated
+into blocks, and the transactions within a block are agreed upon in a way
+that's asymptotically faster than agreeing on every transaction sequentially.
+
+This protocol could be used in the future to implement an efficient and robust
+implementation of the register layer of a payment system, with GNU Taler e-cash
+as the value layer above it.
+
+% block structure
 
 \section{Contributions}