#3 - The Summer of Bitcoin Experience
Bitcoin's cryptography - under the hood by SOB intern Sivaram D, chat with our 2022 design intern Autumn Domingo on her bitcoin design journey and best bitcoin jobs for freshers!
Hello Summer of Bitcoiner!
This week, we bring to you a guest post by SOB intern Sivaram Dhakshinamoorthy, in which he investigates the difficulty of stealing someone’s bitcoin by cracking bitcoin’s cryptography. If you haven’t yet, check out our conversation with him from last week on his bitcoin journey.
Many technologies like Tor, Bitcoin, and Email use Asymmetric Cryptography (also known as Public Key Cryptography) for secure data exchanges. If you are reading this on substack, your browser has established a secure connection to substack’s server using this cryptography. The fundamental step for such secure connections is the generation of a private and public key pair.
It is known that we cannot derive the private key for a given public key, but there is no mathematical proof to back this up. It is unwise to believe something blindly. So let us write some code to derive the private key from a public key to evaluate the difficulty of this process. Before diving into the code, we need to understand a few basic concepts used in asymmetric cryptography and elliptic curve cryptography.
Let's learn basic cryptography
Asymmetric Cryptography
It is a type of cryptography that is widely used for secure data transfers. It is an excellent fit for vast and growing environments with frequent data exchanges (i.e., the internet). We use it for email security, web security, etc. It has the following properties.
A user generates two keys: a public key and a private key.
Public key is mathematically derived from the private key (both keys together are called the key pair).
The public key is made available to anyone. The private key is kept secret.
Both keys are used to perform operations like encryption and decryption.
Public and Private key
Although we use the term "keys" a lot, there are no physical keys involved here. Both public and private keys are enormous prime numbers. You can think of the public key as the username of your Twitter account and the private key as its password. Therefore, both of these together define your identity in the network.
I have mentioned before that your browser uses asymmetric encryption to connect to this blog's server. Let's try to find the public key used in this connection.
Step 1: Click the lock button beside the URL of this page.
Step 2: Choose the Certificate option and navigate to details.
Step 3: Now, you can view server’s public key.
Elliptic Curve Cryptography
One of the popular methods used to generate the private and public key pair is to use Elliptic Curve Cryptography. We follow the steps shown below to generate a public key from a private key.
Select an elliptic curve.
Choose a random point on the curve (Let's say G).
Add this point with itself a certain number of times (Let's say n times).
Return n * G.
Here, G = Generator point, n = private key and n * G = public key.
Now we have covered the required concepts. If you want to learn more about Elliptic Curve Cryptography, check out this fantastic blog series by Andrea Corbellini.
Cracking the private key
We want to derive the private key from a known public key. we can mathematically write this as, given G and E, find the value of n in the equation: E = n * G where E = public key, n = private key and G = generator point.
This is called Elliptic Curve Discrete Logarithm Problem (ECDLP). This YouTube playlist by Leandro Junes covers the topic of the Discrete Logarithm Problem in detail.
This problem doesn't seem that difficult, right? After all, we know both G and E and we just need to find the value of n. We can store G in a variable (Let's say curr_key
) and keep incrementing this curr_key
by the value G
until it equals E.
Then, the number of increments performed should be equal to the private key. The python implementation of this idea is below:
def find_priv_key(G, pub_key):
priv_key = 0 # no of increments performed
curr_key = 0
while(curr_key != pub_key):
curr_key += G # point addition on elliptic curves
priv_key += 1
if(curr_key == pub_key):
return priv_key
return -1 # if no key exists
The time complexity of this algorithm is O(n)
where n = size of the private key.
So, did we derive the private key? Linear-time algorithms should be easy to compute, right? Great question! It will be easily computable if this was a leetcode problem, but that is not the case here. There are two mistakes in this approach.
Mistake 1: The range of n is [1, 2^256). This range is so large that even if you have Google's computation ability (i.e., ~ millions of GPUs) and start your calculation at the creation of our universe, you still won't be able to finish your calculation by today. I would highly recommend you watch this video by 3Blue1Brown. It will give you a good visual representation for the massive size of 2^256.
Mistake 2: The value of x * G starts to repeat after a certain x. That is, there can be x1 and x2 for which x1 * G = x2 * G. This is because the addition that we perform here isn't a normal addition. It is a point addition on elliptic curves. You can relate this to the property of arithmetic modulo operation where 1 (mod 5) = 6 (mod 5). Hence, you need to know the range of possible private keys beforehand. This is generally not a problem since the elliptic curve specification has this information in a parameter known as "group order".
How are key pairs generated?
We realized that the linear time solution for private key derivation is computationally infeasible. Doesn't this also make the public key generation in linear time impossible? Yes, it is not feasible to generate a public key in linear time. Then how is a public key generated?
The algorithm used to generate the public key executes in O(log n)
instead of O(n),
making this generation process feasible. There does not exist an algorithm to derive the private key in logarithmic time. Hence, making the derivation process infeasible. This O(log n)
generation process makes use of binary expansion of n to calculate n * G. You can find the implementation of this idea is below.
def generate_pub_key(G, n):
temp = G
pub_key = 0 # stores public key
while(n > 0): # loops over the bits of n
if(n&1): # add 2^(i) to answer if ith bit is 1
pub_key += temp
n = n >> 1 # equivalent to n = n/2
temp = 2*temp
return pub_key
Closing note
The final verdict is that it is infeasible to generate a private key given the public key. The security of many technologies, including bitcoin, relies on this property.
Are you starting out in bitcoin today and want to learn how to build apps on the bitcoin blockchain?
Build On L2 (BOL2) is a community-led effort by contributors and companies building on Core Lightning and the Liquid Network. It's a space to connect with bitcoin builders, product managers, designers and developers through events and mentorship programs and learn from experts building the future of bitcoin.
Completely free and accessible, each layer-2 protocol has a respective community platform that will host activities including:
Localized hackathons
Virtual networking events
Project bounties and other incentive programs
International builder tournaments
Career development programs
Mentorship and coaching
AMAs with leading developers
Visit buildonl2.com to join the community and learn how to build killer apps on bitcoin.
Interview with Autumn Domingo
We spoke with Autumn Domingo, an 18-year old university student from United States of America and a Summer of Bitcoin intern who contributed to Padawan Wallet as a UX designer. Autumn also shares her advice on getting started with bitcoin open-source design and tips for cracking Summer of Bitcoin.
Listen to the full conversation on Spotify here.
You can also watch a video of the conversation here.
Read the full transcript:
ADI SHANKARA: Hey Autumn, welcome to The Summer of Bitcoin Experience. Tell us a little bit about yourself.
AUTUMN DOMINGO: Hello, thank you for having me! I am a senior in high school and I am really into bitcoin, really into UX design and merging the two. I've been in space for about a year now, a little bit more than a year. And I've just been working on bitcoin UX stuff. I co-founded an organization called ‘Generation Bitcoin’ with Ishana; it focuses on educating teams and helping them get into the space, get started, help contribute and it's just a community of us that just try to understand bitcoin as best we can.
SHANKARA: That's fantastic. There's a lot that you're up to! Tell me more about how you got interested in design in the first place.
DOMINGO: So I started out with probably going down the engineering track. I didn't really know what I wanted to do, but I knew that I wanted to build something. And one thing I love is problem-solving. I love coming up with solutions to different problems that help people's lives. And so I was able to kind of stumble upon UX design through a whole process of learning about different business management roles and all of these different things. And then I stumbled on UX, I could really see myself doing this and I feel like this could really help. And so this was actually before I knew about bitcoin. I just knew that this was like a career that I could really see myself doing and I wanted to learn more about it. So I found a certificate course - a 12-week bootcamp, and I joined that. It was a little scary at first because it was a bunch of adults that were like graphic designers for like 10 years, but I was just like, I have no idea - I'm just really interested in UX design and the learning process. And then that's kind of where it all started.
SHANKARA: Talk to me about your journey with bitcoin. What was your first interaction or when was the first time you heard about it and how did you stumble down that rabbit hole?
DOMINGO: So it started in 2020; when my dad wouldn't stop talking about it, and he usually just used us as a soundboard like at the dinner tables. It would be bitcoin conversations, and he's trying to understand the information he's taking in so we're there and then we just listen to it, but none of us were really into it ourselves. And then in August of last year, it was like, ‘Hey, why don't you fly out to Austin with me and we'll go to the Austin bitdevs!?’. And I was like, I really don't want to go, but you know, why not? Because I always love new experiences. I get to go to Austin, and we never know what I can get out of it. And so I flew to Austin with him for three days. We went to the bitcoin meetup there. I met a ton of people! And I met the UX designer for Unchained Capital, Sahil. So he was like, “Yeah, UX and bitcoin. You know, they're compatible, like they work hand in hand and we need more UX designers in the space”. And that was like, the aha moment for me because I didn't think those two could intersect. And so from there, I knew nothing about bitcoin. But I saw myself in that role, and so I met so many people. I met Jeremy Rubin there. I met Patricia from the bitcoin space. I met Stephen.
I met all of these incredible people! I knocked into the after-party bar thing with my dad and I just sat at the table with these great developers and designers in the space and I was just like soaking up everything I could. I just wanted to learn more because I know that I'm in the right space now. That was just a click like an automatic click. And then after that, I got really excited and I was like, alright, we're gonna have a bitcoin note on my phone. I started writing down all these resources, asked questions to these people even if they were like really basic questions.
And then from there, it kind of just shot off. I started listening to more books, reading articles, listening to podcasts, and talking a lot about it with my dad. And we kind of just grappled with understanding the tech side, understanding that economic side, understanding the global impact that could have on this world, and so it kind of just burrowed and layered and then I went to the New York City bitdevs. I went to conferences and with every single interaction with bitcoin, I was just like, this is where I want to be, you know, so that’s how it started and hasn't stopped since.
SHANKARA: You started ‘Generation Bitcoin’, tell us what it is and what was the story behind it?
DOMINGO: So the first bitdevs I went to in New York - there were a lot of older people. And I just saw this one girl on the corner with her dad. And I was like, no way! She's my age, she looks like she's my age but I'm not sure. And so at the end, I was like, I have to go up to her because, you know, I gotta make buddies with the girl who knows about bitcoin. So then we exchanged numbers and we just started sending each other bitcoin resources we found helpful. I met another girl at Lisa Neigut’s bitcoin LARP in the city, and I was like “Hey guys, we’re all interested in bitcoin. You want to make a group and just dig into the whitepaper first?” So there’s the three of us and then I talked about it with my friends. And they were like, I want to learn about bitcoin and they joined and then we met people on Twitter like Arsh, who started a bitcoin library like a bitcoin book section in this library at school. And we have been starting to build from there and now it's a pretty solid group of teams who are really into bitcoin. Some don't know as much, some actually work in the space or are contributing. And we learned through presentations like peer presentations from each other. We learnt from going to conferences together, sharing our insights, reading books, having discussions and so it's more of a community where we learn from each other and it's, it's just teams excited about bitcoin.
SHANKARA: I love that. So before we switch gears to Summer of Bitcoin itself, I do want to hear from you… after all that you've learned about bitcoin - what do you feel is bitcoin really solving? Why does it matter? Why is it an important deal?
DOMINGO: I think that's a very loaded question because it solves so many things!
But I think the most important aspect to understand is that it allows every person to be self-sovereign. And if we talk about bitcoin from the currency aspect, you don't have to rely on governments. You don't have to rely on third party institutions. You don't have to rely on banks. You have complete control over your money. And so, like take the example of what happened in Canada with the protesting truckers, right. They were standing up, they were protesting about something they believed in and the government disapproved of their actions. So they were like, ‘We're gonna shut this down. We're gonna freeze your accounts’. And that's hard. You don't have access to the money that you worked for. And so then from there, people tried to raise money for them to support them.
But the government was like, no, we still don't want this. So they shut that down. But then people came together and we're like, let's raise money and give them bitcoin and the government might have the same reaction. But they were like, sorry, we can't do anything. It's a network that is run by all of these different people all over the world. And we can't shut it down. And so I think, that has so much power because it shows that you have control over that and it sets your future up for being, I guess, you're more stable when you have a currency that you have control over as opposed to relying on someone else. And that is really powerful, and it's something that has never existed before. And so I think that's one of the reasons why bitcoin is so important.
SHANKARA: Sweet. So, let's talk about Summer of Bitcoin. When was the first time you heard about it, and you know, what made you apply?
DOMINGO: I'll go back to my dad again. I was working with ‘Ladies in Bitcoin’ with Sarah Satoshi and her organization. And I was just looking to really jump into the UX side of things and contribute to something that was more of a project - more something people could physically interact with. My dad was like, check this program out, and I was like, let’s check out the link. I looked through the process. I looked through the itinerary, what were we going to be working on and I just, I knew that it was something that I wanted to do, because it had all of these things I was looking for. I wanted to work on a UX project, I wanted to help develop my skills, I wanted to work with designers, I wanted to work on a bitcoin project, and I wanted to learn and develop my knowledge of bitcoin all at the same time. And so that was exactly what the Summer of Bitcoin was all about. And so I was like, alright, I don't know if I'm gonna get in, but I know that if I atleast apply and start my process, I'm gonna get something out of it. And I apply next year if I don't get it, same thing.
And that's kind of how it all started. That was an awesome decision, and I learned so much this past summer.
SHANKARA: Tell us more about the project that you worked on. And if you could tell us what the benefits were to the project and also, what was your experience working on it? What things did you end up learning?
DOMINGO: So I worked on a project called Padawan wallet, which is a testnet wallet that allows people to become accustomed to how a bitcoin mobile wallet works, how you can send-receive transactions, how you can learn about simple bitcoin concepts like what's the mempool or what are private keys or what's a seed phrase and what really drew me to this was the education aspect, because as soon as I found out about the bitcoin space, I saw my role as being I want to break down this barrier between the concept of bitcoin and all these people who are in it and the regular average Joe, like your uncle, your aunt, your cousin, your grandmother, you know, and because that's where the power really comes from and that's how you can really help people - that comes through education and that comes through practice and making it as simple as it possibly can be. So they know that it's not out of their reach, and they can accomplish this. It's not this thing for developers only or economists or any of these people who have a type of certain knowledge. And so that was exactly what Padawan was doing - it was allowing people to become comfortable with the process of what it's like to actually physically interact with bitcoin. And once you see that, it's that simple; you're like alright, I’m in! What's even better is it's on the testnet. So it's not like any bitcoin is lost, it's all coins that don't have any value. So it all works out.
And the team that I worked on it with, I had two other designers. They were absolutely amazing. They were from all different parts of the world. One of them was really great at UI design and the other one was really great at combining these awesome wireframes. One thing that I was able to help with was the research aspect of it and identifying the problems and creating some solutions. And so I feel like we all got to work together and create a product that was helpful for people.
SHANKARA: Awesome. So you worked with one of the most prolific open source designers in the space. Do you want to tell us about him and what was your experience working with him?
DOMINGO: So Stephen was amazing. I actually was really lucky because I got to meet him at the first BitDevs I ever went to. I knew him a bit and I also saw him at the bitcoin conference. It wasn't my first interaction with him, that was really great. And he just has this really great personality where you just want to create. He's so encouraging, he's like, let's build something, and he really helped me through that process because I was working on a team where these people were way more experienced than I am. They've worked on many projects, and halfway through I felt a little stuck because I was like, I don't have as much experience as them so like, how can I help? And luckily I reached out to him and he was like, alright, I understand because working on open source projects is not easy, because there's not a lot of like a boss telling you, this is what I want, this is what I need.
It's more collaborative. It's like free flowing ideas, taking what you want it to be and building that and that's amazing. So he said, just comment on the different designs that they had. He gave me such great advice. And he really gave me more confidence to just go in in the second half and be more motivated because he was like I understand where you are, but these are things you can still work on and he even took, like an hour out of his time. And we sat on a call and he was like here like this is how you can design some of these wireframes and make them kind of go from low fidelity wireframes to high fidelity wireframes and make them look more authentic. And I saw him do this in like five seconds. He did it so easily, and I was like wow, like that's amazing! He showed by example, he led by example. And he was so understanding and he met every point and made sure everyone got to say, everyone was contributing. And I couldn't ask for a better mentor . He really helped everyone I think and he was just so much fun to work with.
SHANKARA: What are your plans now after Summer of Bitcoin? Are you currently working on bitcoin; what's next on your radar?
DOMINGO: I actually want to dive more into business development. I still love design. I've actually been working on like a few figma files, just you know, to keep getting better at designing, creating, taking something that is in my head and visually representing it. And so, just taking that practice of keep on designing but also understanding other aspects of things I think is really important and that's kind of where I'm at right now. So I haven't been working on a certain project or anything right now.
I have just been working on Generation Bitcoin, working on design and kind of finding my way about the business development side and understanding the business aspect of bitcoin.
SHANKARA: Alright. What advice would you give to a beginner bitcoin designer who wants to get started with contributing to bitcoin design?
DOMINGO: I think the best resource to look into is the bitcoin design community - that has introductory information on bitcoin. And it also kind of has a guide to ‘this is what you kind of have to do in order to create a product in design’. We also have an amazing community with a bunch of different bitcoin design designers who work in the space. You can join their slack, ask questions in the slack, it's super open, everyone's so helpful. And you make connections, you meet people, and I think that's one of the best things to do when you're in the bitcoin space, is go to conferences, go to all these meetups and meet as many people as you can because there's always something to collaborate on, there's always something to build. And what's great about the bitcoin space is everyone is looking for that. No one's like, no, I have the best wallet or I have the best hardware wallet. No, it's like we're a community and we're building this thing and helping make it better for everyone else. And it's such an uplifting space. That's also another thing that the bitcoin design community has is it's like, alright, ‘you're a developer, you're a designer. I have this idea. You think this is feasible? Alright, let's do it.’ And I love that you know, it's taking action and making things and I think that's what the bitcoin design community and bitcoin in general is all about.
SHANKARA: Alright, Summer of Bitcoin 2023 is around the corner. Do you have any specific tips or advice for those who are looking to participate and want to get selected in the 2023 program?
DOMINGO: Whether you're a developer or a designer, the first process is just at least having some basic information of what you're doing. Because the first process that you have to go through is - these are the things that I've done. So having your portfolio, submitting your portfolio, saying this is what I got, and this is what I offer.
Definitely creating a place that you have all your work compiled into that is easy to look at - so what I did was I have my website, which is basically just my portfolio, everything that I've done, the presentations I've given and stuff like that - put that into an easy place that shows your work and shows who you are, to give them a good understanding.
Then once you get into the second round, which is more of diving into bitcoin and learning about bitcoin topics, go through all of the information because every single article, every podcast, every video that they have, within the curriculum, it's gold! They are so specific, they talk about a certain point, and they really help you understand bitcoin. And if you're a designer, you might not think like I'm not into the development side or the technical side of bitcoin. There's no getting around it. You have to understand the technical side in order to design in the space and by really going through every single concept, every single thing and really understanding it and coming up with your answer to your questions, meeting up with your partner beforehand to make sure that your answer is solid and your explanation makes sense, will make all the difference. You really have to kind of go the extra mile to understand this and I think one thing is you're going to get out of it what you put in. So if you put a little bit you'll understand that and that's fine.
But if you put in a good amount of work and you fully understand what is going on, what is happening - you just build a whole space around you where you can talk to other people and meet people from all over the world. Like I still have friends that I talk to on discord that I met at Summer of Bitcoin. Make acquaintances, don't feel afraid to reach out to people because like from the two friends that I made in the first two weeks, I still am in touch with them. And if I ever had a question about the material, if I ever was like so what are you doing for this? They'll always come back and be like, yeah, this is my explanation, this could help.
So you have a community that you have access to when you join Summer of Bitcoin - take advantage of that because the people are so nice. They're working towards the same goal. And you're going to make lifelong friends I think and you're actually working on something and you're helping each other out. So I love that aspect.
SHANKARA: Awesome. So that's a good place to wrap up. Thank you so much, Autumn. Where can people follow you and your work on the internet?
DOMINGO: My Twitter is autumndomingo_. I also have a website autumndomingo.com if you want to check me out there. You can also access my email on my website, probably Twitter is the best way to get in touch with me. Feel free to send me a DM if you have any questions, if you want advice, if you just want to talk about bitcoin - literally anything, I know I don’t have anywhere close to any grand amount of knowledge in the bitcoin space, but I'm here to offer as much as I can.
SHANKARA: Okay, this is fun. Thank you so much!
DOMINGO: Thank you for having me.
JOBS IN BITCOIN
If you are a fresher straight out of college, here are a few exciting job postings we recommend:
Engineering:
Software Engineer Intern | Riot Blockchain Inc. | Austin, TX, USA | Apply
Vue.js developer | LNS | Remote | Apply
Software Engineer (Fixed Project) | Joltz | Remote | Apply
Front End Developer | Foreman | Remote (US) | Apply
Frontend Engineer | Vulpem Ventures | Remote | Apply
React Native Developer | Synonym | Remote | Apply
Full Stack Software Engineer - Front End | NCR (LibertyX / LibertyPay) | Remote (Georgia) | Apply