For those of you interested in building a crypto project, please apply to a16z’s new Crypto Startup School. The seven-week educational program will teach participants about the fundamentals of blockchain technology and why it matters; applications and ideas for the future; and best practices for building a startup in the crypto space.
Blockchain technology — and the cryptocurrencies they enable — have the potential to reshape the world as completely as the internet did 30 years ago. Just as we don’t need to understand what TCP/IP is or how packet routing works to use the world wide web, we don’t need to know all the details of crypto to use it or benefit from it.
When I first fell in love with crypto, I was still serving as a Green Beret in the U.S. Army Special Forces. I was fascinated by the idea that math and game theory could form the foundation of a new economy, and I hungered to learn more. But despite some engineering and math classes in undergrad, I really didn’t have a deep technical background. I had no idea where to start. I began haphazardly studying computer science, game theory, and cryptography. It was only during my time in graduate school that I had the opportunity to put it all together and learn from some of the leading experts in these fields in a structured way. And even now, I still don’t feel like a true domain expert.
The fact is, in a space that evolves as rapidly as crypto, no one really is an expert. But knowing where to start can help make the subject more approachable to anyone. To that end, below is a glossary of terminology and key concepts in the space — it covers the basics of cryptography and blockchain, smart contracts and applications, security/privacy, and other useful definitions. We hope this glossary serves as both an introduction and as a reference for newcomers and crypto veterans alike. You can also find our previous Crypto Canon of readings and other resources here. Better yet, we hope all of this inspires more people to learn more about this exciting space. And for those who are interested in reshaping our concept of computing, finance, and even society to help build a better future, please also check out Crypto Startup School. –Alex
Basic Cryptography Terms
Secret codes and ciphers have been used to hide information throughout history, even before computers existed. The study of these techniques is called “cryptography” (from Greek “kryptos”, meaning hidden). In the internet era, cryptography is used to protect computer information — the massive volume of data flowing over networks and routed through millions of computers every second. Without cryptography, information exchange and commerce at the speed of the internet would be impossible.
If two people want to communicate securely with each other, cryptography lets them:
- encode and exchange messages with each other, so that no one else who might intercept the messages can read them (“privacy”);
- ensure the messages they receive have not been tampered with in transit (“integrity”);
- know that the messages they receive are actually from the other, and not from another interloper (“authenticity”).
Cryptography is synonymous with secure communication, and the term “crypto” can refer to cryptography in the context of information security. More recently, however, “crypto” has become the informal industry term for cryptocurrencies and cryptonetworks.
cryptographic hash function
Cryptographic hash functions are special programs that ensure the integrity of data in digital applications. The outputs of a hash function are called “cryptographic digests” and are the foundational data structures upon which blockchains are built.
A hash function takes input data of any length and returns a value that is fixed length. This output value (sometimes called a “digest” or “tag”), is computed in a way that is —
- deterministic: the same input always results in the same output;
- non-invertible: the output reveals no information about the input;
- collision-resistant: no two inputs should result in the same output.
These properties allow hash functions to make finding information more efficient, yet also difficult to reverse-engineer. These functions — often considered the workhorses of modern cryptography and blockchains — are used to check for data-tampering. Therefore, they are well-suited to decentralized, permissionless applications.
The output of a hash function is called a “cryptographic digest”. A cryptographic digest is a unique, fixed-length tag representing a single piece of data. It is used to detect tampering, since even a small change to that data input to the hash function results in a totally different output. For example, a cryptographic digest of the Tolstoy novel, War and Peace, will differ from the cryptographic digest of the same novel with a single misspelled word.
Because of this property, cryptographic digests are well-suited for immutable record keeping. In a blockchain, these digests are linked together to create a ledger of transactions that no one can remove, modify, or otherwise tamper with. Therefore, anyone can reconstruct the blockchain from any point and verify its correctness.
A ledger is a list of transactions. Those transactions don’t necessarily have to be payments; they can represent transfers of any asset, such as real estate deeds or an interest-bearing security.
A blockchain is fundamentally a tamper-proof ledger. Because each ledger transaction is a cryptographic digest, an entry cannot be altered without detection. Furthermore, by hashing and turning the entire ledger into a cryptographic digest — as blockchains do — any addition, alteration, or omission of any transaction will change the cryptographic digest of the entire ledger. Thus, blockchains enable participants to audit one another in a decentralized manner.
public key / private key
In cryptography, a private key is a secret number or code. A special mathematical function is then applied to this private key in order to derive a second value, a public key. This value does not have to be kept secret because the public key reveals nothing about the private key.
By analogy, a public key is the address of your house, but the private key is the physical key that unlocks your front door. Simply knowing the address of a house does not help you to unlock the front door.
Why does this matter? In blockchain networks, a public key is the address to which assets can be transferred. Knowledge of the corresponding secret private key is the only way to spend those assets, just like a PIN code is required to withdraw from a checking account. But with public/private keys, you don’t need to trust a bank: You only need to trust the underlying math of a well-proven cryptographic system, the same system that already protects trillions of dollars-worth of payments over the internet today.
Just like fingerprints, digital signatures are unique to a single person or entity. These signatures are mathematically derived from a special pair of numbers called a public/private key pair. A signature on a public key can only be created by the holder of the corresponding private key. Just like a real signature, a digital signature should convince the recipient that message is authentic.
General Blockchain Concepts
The “state” of a system is a snapshot of that system at a given point in time. For instance, “state” might refer to an individual checking account balance; after spending $20, the state of the account should represent their new, reduced balance. The state of the system is usually maintained by trusted third party, like a bank or a company web server.
Blockchains enable decentralized networks to maintain a shared state among nodes. They allow each individual node to maintain a global state, or shared “truth”, with other network nodes without relying on a centralized party.
A protocol is a set of rules or procedures that govern a system — whether that system is a computer network, a town hall meeting, or a board game. For instance, in chess, individual players may have their own strategies — but the way in which each chess piece moves on the board is dictated by the rules (or protocol) of chess.
In networking, a protocol is a common program executed by multiple computers on the same network. These networking protocols govern the transmission and handling of information as well as execution of programs between interconnected but independent devices. For example, TCP (transmission control protocol) represents one of the foundational protocols for managing packets of information as they travel across the internet, powering applications like the world wide web, email, media streaming, and more.
In cryptonetworks, the most important protocol is the consensus protocol. This is the protocol followed by each network participant (or node) to create a single, shared state of the blockchain. In this context, consensus protocols replace a centralized record keeper or counterparty, enabling trustless, peer-to-peer interactions.
peer-to-peer (p2p) network
In a classic, centralized client-server network, data is requested by one class of computers known as “clients” (PCs or mobile phones, for example) and is “served” by another class of computers called servers. Facebook is an example of the client-server network model: Facebook profile data lives on Facebook servers, and is sent to the user when they open the app on their phone.
This hub-and-spoke model is a highly efficient but brittle system since the server is a “chokepoint” and centralized point of failure. Contrast this with a peer-to-peer network, where the connections resemble more of a “spiderweb”. In a peer-to-peer network, each node operates under a single communication protocol to transfer data between them; this model is often less efficient, but much more resilient because there is no single point of failure.
Perhaps the most famous example of a peer-to-peer network is the internet itself. The original internet, known as ARPANET, was invented by the U.S. Department of Defense as a way to ensure defense communication would never go down, even in the event of nuclear war. Disabling individual ARPANET nodes would not stop message traffic; they are simply routed along different paths to the same destination. Similarly, shutting down a single node, or even multiple nodes, on a blockchain network does not stop transactions from being processed.
A node is a device that participates in a network by following the network protocol. Individual nodes can perform a variety of roles, such as caching data, validating information, or forwarding messages to other nodes.
Depending on the network, each node can have a unique role or multiple nodes can share a single role. This architectural design choice reflects a fundamental tradeoff between network redundancy (coverage in case one node goes down) and efficiency.
Byzantine Generals’ Problem
One of the fundamental challenges in any distributed computing system is coordination among a group of machines where any one of them could be malicious or malfunctioning.
For example, imagine a Byzantine army separated into divisions led by generals camped around an enemy city. How can these generals communicate with each other only by messenger to agree on a plan when one or more of them may be “traitors” who will try to confuse the others? Similarly, how do participants in a decentralized network communicate and coordinate with each other towards some action without relying on a trusted third-party? This is the Byzantine Generals Problem.
Because blockchain networks assume no trust between participants, their underlying consensus protocols must all somehow address this problem to overcome faulty or malicious adversaries who try to subvert the system.
The consensus protocol is akin to the operating system of a blockchain. But blockchain consensus algorithms are special, because they define how to resolve disputes between nodes that received conflicting data.
Think of a consensus algorithm as a digital, impartial judge that hears both sides of an argument to arrive at the “truth” of what actually occurred. This judge then determines how to proceed according to a set of predetermined laws or rules. These rules must account for three key properties:
- liveness, which ensures that data can always be added and the network never gets “stuck”;
- agreement, where all nodes in the network eventually agree on the same value; and
- safety, which ensures that an agreed-upon value does not violate the protocol.
Research has shown it is impossible for truly distributed, permissionless networks to achieve all three of these properties. This means that blockchain designers face tradeoffs about what to prioritize. Consensus algorithms aiming for speed often limit the number of network participants, making it less decentralized. On the other hand, protocols that prioritize decentralization and failure-prevention tend to be slower and less performant.
Decentralization is the degree to which control — power, resource allocation, etc. — over a given network is distributed across a large, representative base of independent actors.
In most systems, there is a tradeoff between efficiency and decentralization, because coordination costs increase with the number of participants. However, decentralization also provides redundancy and fault-tolerance that a centralized system cannot match. Take the analogy of a democracy, which could be considered a “decentralized” political system. Even though the American democratic system can be inefficient and messy at times, it has proven remarkably resilient. Similarly, blockchain networks are strictly less efficient than centralized databases, yet offer the unique properties of redundancy and censorship-resistance.
Previous efforts to create a decentralized digital currency failed because there is no “scarcity” in the digital world. Bits can be infinitely reproduced — just as easily as an image or line of text can be copy/pasted. In contrast, a dollar bill or bar of gold has physical scarcity because the owner does not physically possess either after payment for a good or service.
Prior to Bitcoin, the only known way to do digital payments was to use a centralized record-keeper (such as a bank or credit-card company) to keep track of account balances and transactions for every individual. This entity also ensures that no one spends the same balance twice, which replicates the physical scarcity of real currency.
In blockchains, there is no central record-keeper, so the solution to the double spend problem must be solved through the rules of the network. The original and most famous solution to the problem of digital scarcity is Bitcoin, which combines a system of economic incentives to reward honest participants who correctly perform a “proof-of-work” to prevent double spending.
A proof-of-work demonstrates the use of a specific resource. In the physical world, the ultimate scarce resource is time, so a proof-of-work could be a simple timecard of hours spent at the office. In the digital world, it is trivial for a computer to “forge” a simple timecard. So, we need some other proof that some computational resources were expended.
In the 1800s, gold miners in California were paid by weight for the gold they physically extracted from the ground. Because gold is scarce, the amount of gold a miner brought for payment was proportional to the amount of effort they spent to get it. It was also easy to verify that the gold was real; a manager could simply weigh and inspect it in a fraction of the time it took to mine. How could we replicate this in a decentralized, digital world? One solution is to have a computer solve a puzzle with the following requirements:
- Each instance of the puzzle should be unique; solving a previous puzzle doesn’t help solve a future one (like how a real miner cannot “re-extract” the same vein of gold).
- The puzzle should be relatively hard to solve, but easy to verify.
This is similar to how blockchains replicate the physical scarcity of the real world. However, instead of mining gold, computers must solve a special type of math problem (or millions of them) that take at least a certain amount of time.
Because of its similarity to the analogy above, this process is called “mining”. When submitting a block to the blockchain, miners must present the solution to this math problem, along with the transactions that they want to include in the proposed block. Invalid solutions (which though hard to compute are simple to check) are rejected by the other miners in the network. This mechanism encourages rational miners to only submit valid blocks, or else they will have wasted time and effort.
A blockchain is a tamper-proof ledger organized into a series of linked “blocks” containing data. These blocks are added according to a set of special rules (known as a consensus algorithm). This enables networks of physical computers, working together in concert, to form a single virtual computer.
Blockchains are distinct from other computer networks because they are permissionless. Any computer, anywhere can become part of this larger virtual computer as long as they follow the consensus algorithm.
In a blockchain, the blocks themselves can be thought of as the computer hard drive. The consensus algorithm is like the operating system (like a Windows or MacOS). And the peer-to-peer network is like the silicon semiconductor circuits that carry data between different parts of a computer.
Unlike a traditional computer, a blockchain computer can offer strong trust guarantees, rooted in the cryptographic and game-theoretic properties of the system. For example, a user or developer can trust that a piece of code running on a blockchain computer will continue to behave as designed, even if individual computers in the network try to subvert the system. Thus, a blockchain computer enables disintermediated, peer-to-peer interactions and digital services that are owned and operated by communities instead of by corporations.
A block is like a folder that contains “files”. The contents of this folder are the transactions that occur over a given time interval (hashed to a cryptographic digest). Each block contains a reference linking it to the previous block — hence the term “blockchain”.
Blocks are added by the miners or validators on a cryptonetwork according to a consensus protocol; they check:
- to ensure balances are not spent twice;
- that each digital signature matches the public key of the message; and
- that the included reference matches the hash of the previously-added block.
Because blocks are made up of cryptographic digests, they cannot be changed after the fact without detection. So blocks are effectively immutable once added to the blockchain.
People have tried to build decentralized payment networks many times. They never worked, because before 2008 (when the bitcoin whitepaper came out) there wasn’t a known solution to the double spending problem. The innovation of blockchain networks was introducing an economic participant into the system. This entity, known as the “miner”, is assumed to be purely profit-seeking and self-interested. Yet the sum of the individual actions of all miners enable truly decentralized networks of value: blockchains.
Miners are special nodes on a blockchain network who perform two key roles:
- They validate transactions to ensure that they are valid according to the network protocol; and also make sure the balances aren’t spent twice, or “replayed”.
- They compete with one another to find a solution to a random proof-of-work puzzle, in exchange for a network reward paid in the currency unit of the ledger they maintain (e.g., Bitcoin, Ether, etc.).
Creating a competition between miners was a key breakthrough that allowed Bitcoin to succeed where previous decentralized, peer-to-peer payment networks failed. Because they are rewarded for following the protocol, miners are incentivized to provide computational resources for securing the overall system. If they fail to do so, they pay the “cost” of foregone rewards.
Cryptocurrencies are more than just a digital form of value. For permissionless networks such as Bitcoin, they are a critical part of the game theory and incentive mechanism that keeps the network secure.
Like traditional money, cryptocurrencies can be considered as a unit of account, store of value, and medium of exchange within the system. Taking Bitcoin as an example:
- The service of “miners” or validators in the network are denominated and paid in bitcoin.
- For the system to remain secure, these miners must value the bitcoin they receive more than they value they would gain by exploiting the network.
- Bitcoin can be natively exchanged between parties on the network in a peer-to-peer manner.
The critical innovation of cryptocurrencies versus traditional payment systems is in that last part: peer-to-peer. This means the transfer occurs without a trusted third party, just like “cash”, only digitally.
Cryptocurrencies take a variety of forms and serve a variety of roles on a blockchain network. Some are mutually interchangeable or “fungible”, while others represent a unique, non-fungible asset. Some are interest-bearing investment assets, while others are “work tokens” that grant rights to perform a specific service. These are the ultimate flexible financial assets, which unlock tremendous value and enable applications that would otherwise be impossible in traditional finance.
Cryptonetworks are a fundamentally new way to design and incentivize internet-based networks. They arise from cryptocurrency movements, but the fundamental shift between these and previous internet -based economies is the creation of open, decentralized networks and protocols. An example of a past such protocol is SMTP, which enables email; even though Microsoft owns Hotmail and Google owns Gmail, no one company owns the email-enabling protocol itself. Numerous companies can therefore build on top of it without being proprietarily blocked by Microsoft and Google. This is the defining feature of open networks.
However, a classic challenge with decentralized networks is that they are public goods. Thus, incentivizing their maintenance and development is challenging. If there is no central entity (like a Google or Microsoft) supporting it all, who will build, coordinate, manage, and maintain these networks? This is where blockchains and cryptocurrencies come in: the former enables decentralized coordination, and the latter provides incentives for development.
Technically, a cryptonetwork is a public blockchain, maintained by nodes, on a peer-to-peer network. It is distinct from a private blockchain or distributed ledger because it is permissionless: Participation in the network is open to anyone and not limited to a single or pre-defined group.
Cryptonetworks use consensus mechanisms to create an interlocking system of economic incentives to secure the network and prevent double-spending. It is these economic incentives, along with some of the fundamental cryptography and computer science concepts defined above, that creates a redundant, fault-tolerant system that strongly guarantees the persistence of data and execution of programs on the distributed network.
Proof-of-work puzzles are based on hash functions, and are at the foundation of Bitcoin’s security model. Since the “work” is repeated hash functions, the combined calculations of every miner on the network to solve those functions is called the hash rate. In general, a higher network hash rate corresponds to a greater level of security for a given blockchain.
The security guarantees of Bitcoin assume that no miner controls a majority of the hash rate. If they did, they could execute a 51% attack. A 51% attack is like a “hostile takeover” of a blockchain. Because they have a higher hash rate than the rest of the network combined, an attacker can effectively rewrite the rules of the protocol and double-spend their own prior transactions. But even in this case, they cannot spend other users’ funds, since these are protected by cryptography.
application-specific integrated circuit (ASIC)
Most integrated circuits — like the CPUs in smartphones and laptops – can do a lot of different types of computations. For example, they render webpages or process user input during a game. ASICs (application-specific integrated circuits), on the other hand, can only do one computation. Yet they are engineered to perform that computation thousands or even millions of times faster than a PC or smartphone.
In crypto, ASICs optimized to compute hash functions now dominate proof-of-work mining. This activity has become increasingly concentrated among a handful of large, specialized firms. Some members of crypto community resent this as a source of centralization. Others argue that because ASICs can’t be repurposed for other tasks, they add “skin in the game” for miners and incentivizes them to act honestly (even if they could do otherwise).
In software development, a fork is a new branch of code that goes off in its own direction. Often, it also often represents (in open-source software developed outside of a company) a disagreement in the community which built and maintained the original code.
In crypto, a fork is a disagreement between nodes. The disagreement can be about what code is being run, or which blocks are included in the blockchain. Such a disagreement causes the blockchain to split into two parallel chains. There are two types of forks:
- A soft fork often occurs during software upgrades to the protocol. This type of “soft” fork does not result in a permanent split of the network and is more akin to a network migration or upgrade. In other words, nodes on the network remain compatible with one another.
- A hard fork happens when nodes in the network fail to reach consensus. In this case, the blockchain splits into two or more branches at the last point of agreement, and new valid blocks accepted on one fork will be rejected by the other.
Users with balances on the original blockchain prior to a hard fork will have the exact same balance on both “branches” afterward. Over time, the relative value of each fork determines who was “right” in the original argument. The market price of the native cryptocurrency of each fork is an economic “vote” on its respective utility. Value should flow to the branch users prefer.
The genesis block is the first block created on a blockchain. For Bitcoin, the genesis block was mined on January 3, 2009 by its pseudonymous creator, Satoshi Nakamoto. Fun fact: the Bitcoin genesis block contains the phrase “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks”, suggesting that Nakamoto was motivated by the global financial crisis.
The genesis block parameters set the rules for a given blockchain network going forward. Even if the network later forks, the genesis block is still included in the history for all branches.
Smart Contracts Terminology
A smart contract is a persistent computer program that runs on a blockchain network. Like legal contracts, smart contracts are agreements between two or more parties written in code that executes autonomously. Smart contracts are different from regular computer programs because the execution of the program is guaranteed, no matter who initializes it. Furthermore, these contracts persist (perhaps indefinitely) because data is effectively permanent once stored on a blockchain.
Second-generation blockchains (such as Ethereum) were designed for executing smart contracts. This was an evolution to a step beyond the simple financial transactions enabled by Bitcoin, enabling a general-purpose platform for decentralized computing. A blockchain network that allows for general smart contracts can therefore be thought of as a “world computer”.
This is a property of modern computer systems that enables universality, meaning that any program that could be conceived can be run on that machine. It is named for the famous British computer scientist, Alan Turing, whose work in breaking the German Enigma encryption system during World War II laid the foundation for modern computers.
Most modern programming languages are Turing complete. Ethereum is an example of a Turing-complete blockchain, along with most other smart contract protocols.
“Gas” is the fee paid to the miners of a blockchain to execute the code of a smart contract.
Imagine paying per character for social media post. You are incentivized to keep it short and sweet! Likewise, a smart contract that has more functionality (and therefore, consists of more lines of code) will generally cost more in fees than a shorter, simpler contract.
Just like LEGO-like blocks can be combined in any number of ways to build something new, composability enables the various components of a system to be mixed and matched to create novel systems and applications.
Blockchains are exponentially composable, since they are both permissionless and permanent. Each additional smart contract or application added to the network is open and accessible to developers looking to build upon and extend its functionality. By enabling and incentivizing a true open-source ecosystem, the possible applications are limited only to our imagination.
Interoperability is about systems talking to each other — whether devices, networks, or applications. It is a way of enabling compatibility between systems.
For instance, if a user wants to directly transfer assets/value across different blockchains, i.e. from Bitcoin to Ethereum, interoperability protocols create the “bridge” to enable this exchange.
Tokens are a digital representation of an asset. This could be either a native digital asset (like a digital baseball card) or represent a credit for some type of “work” or service (like gigabytes of files stored). Tokens are not cryptocurrencies themselves, but rather are issued from smart contracts built on top of other cryptonetworks.
The two most common token types on the Ethereum cryptonetwork are ERC-20 and ERC-721: ERC-20 is the standard implementation for fungible smart-contract tokens, while ERC-721 is the standard for non-fungible tokens. Both ERC-20 and ERC-721 tokens can be used in different ways, or even combined within a single smart contract, to extend the functionality and flexibility of the blockchain economy as a whole.
non-fungible tokens (NFTs)
“Fungibility” means that units of a currency or commodity are alike and indistinguishable. Examples of fungible currencies are $1 bills, each of which is alike and represents the same value.
On the other hand, non-fungible tokens represent unique assets whose value is independent from one another. For example, an NFT might represent a piece of unique digital artwork, a Mickey Mantle baseball card, or a share of physical North Carolina real estate. Despite this difference, NFTs can be exchanged in the same manner as any other token on a cryptonetwork.
The ability to represent unique assets greatly enhances the composability and functionality of cryptonetworks, since many real-world assets are non-fungible. In turn, this enables blockchains to support more flexible economies.
In proof-of-work consensus systems, miners expend energy to solve a puzzle and in return for a reward. In a proof-of-stake system, “validators” post a bond or “stake” to a smart contract, earning rewards or “interest” for properly validating the state of the blockchain.
By requiring validators to deposit tokens to participate, proof-of-stake systems not only align incentives for validating transactions correctly (as with proof-of-work), but go a step further by punishing bad behavior. If a dishonest validator violates the protocol, their deposit is “slashed” or confiscated and distributed to the remaining honest validators on the network.
One advantage of proof-of-stake over proof-of-work is that it does not “waste” energy. However, proof-of-stake consensus protocols are often more complex, and have their own unique vulnerabilities. A particularly hard problem is preventing “deep” reorganizations of the blockchain to double-spend prior transactions. In proof-of-work, it is infeasible to present a false “history” of transactions because of the computation that went into producing the chain. But in proof-of-stake, malicious miners can easily “simulate” a blockchain that appears valid but in fact is not. The most advanced proof-of-stake networks solve this through separating the chain into “epochs” as well as encouraging honest behavior through the slashing mechanism described above.
delegated proof-of-stake (DPoS)
DPoS is a type of consensus that limit the number of validators who can add blocks to the blockchain. These validators are selected through some type of network governance mechanism — for example, by a token-weighted vote per user account. Because it is not truly permissionless, this type of consensus is more centralized than proof-of-work (e.g. Bitcoin). Even though DPoS networks can process more transactions than proof-of-work cryptonetworks, this centralization makes them less versatile and more prone to bribery or censorship.
Validators are the miners of a proof-of-stake network. Like miners, the validators’ role is to collect transactions into blocks to add to the blockchain. For adding valid blocks, validators are rewarded in proportion to the amount of currency they post (“stake”) as collateral.
Cryptonetworks represent a major innovation in terms of decentralization and security. However, early cryptonetworks were highly inefficient (from a user standpoint) compared to modern payment networks. For example, the Bitcoin network processes about 5 transactions per second, while Visa can handle up to 50,000 transactions per second. This disparity has led to efforts for “scaling up” transaction throughput, hence the term “scalability”.
Sharding is a classic technique in distributed systems that reduces the load on the nodes participating in a network by eliminating the requirement that each node process every transaction. With sharding, each node instead processes only a subset of all transactions. This enables a much greater network throughput, though at the cost of some redundancy.
Layer 1 / Layer 2
One way to think about blockchains is to imagine them as skyscrapers: Structurally, a skyscraper can be divided into two layers: a foundation and a superstructure. Of course, the superstructure (where we live and work) can only be as tall as the foundation is strong.
In computer science, infrastructure and applications are often built using a similarly layered approach. This is at the heart of many blockchain scalability proposals.
- Layer 1 software serves as the foundation upon which other layers are built. Because it is the foundation, it should have extremely strong security and fault-tolerance — you wouldn’t want to construct a skyscraper on a weak foundation. An example of a Layer 1 blockchain is Bitcoin.
- Layer 2 software builds upon the Layer 1 foundation, making it more functional and composable. It inherits the properties of the layers it builds upon, yet extends the functionality of the system as a whole. An example of Layer 2 is the Lightning Network, which allows near-instant transfers between two users on the Bitcoin network.
The goal is to create a system that is both secure and efficient. By layering systems atop one another, it is possible to combine their individual strengths and minimizes their shortcomings. Because security is the most important property for Layer 1 blockchains, much of the focus on scalability (improving throughput) has been at Layer 2.
Finality means that something can no longer be reversed after a certain point in time. Think of burying an item under dirt instead of covering it with reinforced concrete. The dirt can always be dug back up, whereas the concrete effectively seals it off forever.
Interestingly, proof-of-work networks don’t guarantee finality. Miners add a little bit of dirt (a single block) at a time to the blockchain. Even though the whole chain is the equivalent of Mount Everest, it theoretically possible to dig it all back up. On the other hand, a proof-of-stake network “seals” or finalizes blocks at regular intervals. This means that past transactions can never be reversed even if the majority of the network is taken over by a single malicious party.
A stablecoin is a cryptocurrency that maintains a stable value (relative to another asset, such as the U.S. dollar) over time. Cryptocurrencies such as Bitcoin and Ethereum might experience huge price swings in a single day. As a result, they are seen by many as unsuitable for many everyday financial transactions.
Stablecoins attempt to address price volatility through one of the following approaches —
Fiat-collateralized: a user deposits real-world fiat currency (e.g. U.S. dollars) in a bank account of a trusted third-party, which in turn mints an equivalent value of stablecoins on a given blockchain and sends to the user.
Cryptocurrency-collateralized: a user deposits cryptocurrency into a smart contract running on a blockchain. The contract then issues a percentage of the deposit value to the user in the form of stablecoins. In other words, the contract loans stablecoins based on the value of a user’s deposited collateral
Seigniorage shares: where a smart contract replaces a central bank, and can thus programmatically increase or reduce the supply of currency in the system, ensuring that it maintains a stable value.
dApps or “decentralized applications” are just like other computer applications — except their code is written in a smart contract. This means that all of the data and logic to run the application lives on the blockchain, rather than on a centralized server. Because of this, no one really “owns” the application or the data once it is installed on the blockchain, so it is unlike any other application that download from the internet or purchase from an app store.
What distinguishes dApps from regular applications is that they are permissionless (anyone can run them) and permanent (they will exist as long as the blockchain exists). Because they are permissionless, anyone can interact with the smart contract without going through a central gateway. And since they are permanent, users (and other applications) will know that they will reliably exist in the future. This means that each dApp is like a Lego brick, which opens up a whole new world of possible applications.
decentralized finance (DeFi)
“DeFi” refers to dApps for finance, such as exchange, lending, and saving. DeFi applications inherit the properties of blockchains — digital, open, and decentralized — because they are encoded in the smart contracts on cryptonetworks. They combine traditional finance with the power of software to enable vastly more programmable and powerful financial applications.
Because they’re deployed on top of blockchains, stablecoins retain the advantages of cryptocurrencies — digital, global, easily transferable, and decentralized. Yet the mechanisms they incorporate to minimize price volatility make them a more useful medium of exchange, enabling a broad range of economic activity.
“Decentralized autonomous organizations” or DAOs represent exactly what they are called; they are:
- decentralized so, the rules cannot be changed by a single individual or centralized party;
- autonomous, so they operate based on logic written into a smart contract, without human. intervention. They will continue to function for as long as the underlying blockchain continues to function;
- organizations or entities that coordinate activity among a distributed community of stakeholders — for example, developers and users on a given blockchain network.
DAOs are examples of what is known as “on-chain governance“. In traditional corporate governance, for example, companies have bylaws that dictate certain policies, such as how a board is elected. A DAO extends this concept into the digital world by encoding bylaws into smart contracts.
An “airdrop” is a distribution of crypto tokens for free. It can be targeted (such as to specific key influencers) or distributed to all existing addresses on a given blockchain network.
Airdrops are like coupons or free samples that you might receive in the mail from a local merchant. Just like a coupon incentivizes you as a customer to shop at a specific store, so a free token might encourage you to try a new decentralized application or dApp. In other words, it is a bootstrapping mechanism to encourage initial adoption.
Security & Privacy
To be pseudonymous is to use a false name or persona to hide your real identity — much like Alexander Hamilton, James Madison, and John Jay wrote under the pseudonym “Publius” to promote the United States Constitution. This was a consistent identity, but one that was not linked to their real-world identity at the time.
Transactions on the Bitcoin network, for example, are pseudonymous because each transaction is associated with a public key rather than with a person’s real name. Nonetheless, Bitcoin transactions are still linked to a specific public key, and thus to a consistent identity (the associated real identity is often determined through forensic analysis). Thus, pseudonymity is a weaker form of privacy than anonymity.
In cryptonetworks, anonymity means un-linkability. That means no one other than the sender and receiver of the transaction knows who participated in the exchange, and for how much. Cash, for example, is an anonymous, peer-to-peer payment system.
Although anonymity is often associated with criminal activity, there are many legitimate justifications for anonymous payments. Few people are comfortable sharing their salary with neighbors, and no business would want to reveal details of its specific contracts to competitors.
Anonymity also gives currency the property of fungibility. Fungibility means that each individual unit is interchangeable, as in how we consider two separate dollar bills to be interchangeable. This is powerful because it creates the “network effects” that enable economies to grow to large scale.
A cutting-edge form of cryptography which enables one party to prove that they know the answer to a question, without ever revealing the answer to that question.
For example, a zero-knowledge proof would enable someone to prove that they knew the solution to a specific puzzle (is this person above 18 or not?) without showing the answers to the puzzle (what is their exact age and date of birth?).
These techniques can also be applied to traditional finance and regulation, enabling banks or other financial institutions to prove their solvency or financial health without having to reveal any nonpublic information. In blockchain networks, zero-knowledge proofs can be used to both compress information as well as to hide it. As a result, they enable both scalability and privacy.
View keys are a special derivative of a private key which grant the recipient permission to view a specific transaction from the corresponding public key.
If a private key is the door to a house, a view key is a window into a specific room.
View keys are a feature of certain anonymous cryptocurrencies, such as ZCash. They enable users to maintain anonymity in the network, yet selectively reveal certain transactions (to say, the IRS) without also revealing their private key.
Imagine being handed a sealed envelope containing a letter, and then being asked how many words the letter contained. You would have no way to answer that question unless you opened the envelope and counted each word.
Homomorphic encryption is a cryptographic technique that would let you count the words in the letter without opening the envelope. In cryptographic terms, this is called running a function over encrypted data. For example, homomorphic encryption would enable the U.S. Census Bureau to compute the average income of a given city without direct knowledge of the salary data of its residents.
Similar to zero-knowledge proofs, homomorphic encryption enables a user to provide useful information to a third party without revealing specific, private details.
Custody, in the financial sense, refers to a service where a third party (like a brokerage) holds an asset on behalf of a client. Because of the decentralized nature of cryptocurrency, each individual has the option to custody their own assets. However, doing so carries the risk that, if a private key is lost, there is no way to recover the balance on the account. It’s like losing the combination to a safe, only there is no way to unlock it or break into it.
This fact about cryptocurrency can be a major point of friction for new users, especially those who are used to credit cards and bank accounts. In response, an entire custody industry has emerged to ensure users can maintain the security of their accounts without having to manage (or even know about) private keys.
Cryptonetwork engineering is more like launching a space shuttle than designing traditional software. Because anything written to a blockchain is permanent, there is only one chance to make sure it works properly and doesn’t contain any fatal flaws.
This is where formal verification comes in. It uses mathematical methods to “inspect” the code of any program or smart contract before that code is run. Formal verification evaluates all the paths a program might take to identify unexpected bugs or unforeseen outcomes. Since all blockchain applications are permanent and deal with real world value, formal verification is the standard for blockchain software development.
In the context of crypto, governance is a fancy word for politics. It refers to the key decisions associated with maintaining and updating cryptonetwork protocols. As with every human organization, aligning interests and beliefs among human participants to reach agreement is the goal of governance.
Some cryptonetworks use “on-chain” governance to make decisions. For example, every user might submit a transaction to “vote” for or against some proposal. But even in a system with on-chain governance, there is always an informal “off-chain” process occurring at the level of human beings. If I don’t like the outcome of a vote, I can just turn my computer off and leave the network.
On-chain governance approaches tend to be transparent but inflexible, while off-chain governance is often opaque and messy yet more adaptable to unforeseen situations. Yet even though blockchains do rely on social consensus at some level, formalizing the rules on-chain and making actions transparent are a powerful mechanism that makes blockchain governance a political as well as a technological innovation.
A special type of digital signature scheme where there can be multiple signers for a single digital signature. A multi-signature or “multi-sig” transaction is only valid if it is signed by a set threshold of participants, just like some legal documents require a co-signer.
Multi-signature schemes enable more advanced smart contracts and Layer 2 scalability solutions. They are also particularly important for digital asset custody.
A reference to the pseudonymous founder of Bitcoin, Satoshi Nakamoto.
A “satoshi”, or “sat” also refers to a monetary unit of account on the Bitcoin blockchain (1,000,000 satoshi = 1 Bitcoin).
A financial term referring to the fulfillment of a contract and the physical delivery of a promised security or interest.
Acknowledgements: Thank you to Jesse Walden and Ali Yahya for their comments on specific definitions, to Katie Haun for her guidance on a version of this for our inaugural crypto regulatory summit, to Kim Milosevich for her feedback, and Chris Dixon for his mental models on crypto which inspired much of the above.
The views expressed here are those of the individual AH Capital Management, L.L.C. (“a16z”) personnel quoted and are not the views of a16z or its affiliates. Certain information contained in here has been obtained from third-party sources, including from portfolio companies of funds managed by a16z. While taken from sources believed to be reliable, a16z has not independently verified such information and makes no representations about the enduring accuracy of the information or its appropriateness for a given situation.
This content is provided for informational purposes only, and should not be relied upon as legal, business, investment, or tax advice. You should consult your own advisers as to those matters. References to any securities or digital assets are for illustrative purposes only, and do not constitute an investment recommendation or offer to provide investment advisory services. Furthermore, this content is not directed at nor intended for use by any investors or prospective investors, and may not under any circumstances be relied upon when making a decision to invest in any fund managed by a16z. (An offering to invest in an a16z fund will be made only by the private placement memorandum, subscription agreement, and other relevant documentation of any such fund and should be read in their entirety.) Any investments or portfolio companies mentioned, referred to, or described are not representative of all investments in vehicles managed by a16z, and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. A list of investments made by funds managed by Andreessen Horowitz (excluding investments for which the issuer has not provided permission for a16z to disclose publicly as well as unannounced investments in publicly traded digital assets) is available at https://a16z.com/investments/.
Charts and graphs provided within are for informational purposes solely and should not be relied upon when making any investment decision. Past performance is not indicative of future results. The content speaks only as of the date indicated. Any projections, estimates, forecasts, targets, prospects, and/or opinions expressed in these materials are subject to change without notice and may differ or be contrary to opinions expressed by others. Please see https://a16z.com/disclosures for additional important information.