In a previous video, we had an overview of the blockchain as a technology with a lot of similarities to a shared database. It has four components: the user application, which maintains the identity and generates the data, the network to which the data is broadcast and propagated, the structure, that data stored on the blockchain, and the data processing mechanism that is the consensus. In this video, we'll look at the first component, the concept of identity in a blockchain. Most implementations of the blockchain, particularly public blockchains like Bitcoin or ethereum use public key cryptography to maintain a certain level of anonymity. In this setting, an identity in a blockchain is simply a pair of public private keys. This is how it works. Suppose you want to use the Bitcoin network to send or receive some payments. Here, just like PayPal where you have to register an account, you need to generate an identity, or "Username for yourself." Unlike PayPal however, in Bitcoin, this is a much simpler process and that takes a fraction of a second. You'll simply use an app or do it by yourself to generate a pair of encryption keys. These keys are essentially very large random numbers that are mathematically linked and such that other people cannot easily guess one from the other. Both keys can be used to encrypt data that you generate, and you're going to call one of them the public key and one of them the private key. Doesn't matter which one you pick. The important part of this process is the mathematical link between the keys. They're set up such that the data encrypted with your public key can only be decrypted with your private key, and vice versa, data encrypted with your private key can only be decrypted with your public key. Now you can see why it's useful. You're going to publish one of the keys, your public key as much as possible. Put it on your blog, put it in your email signature, etc, because the public key serves as you're receiving address for data that other people send to you. That's what's underneath that Bitcoin wallet address that you see everywhere online. Suppose your friend wants to send some Bitcoin to you. Then what he'll do is simply generate the transaction data and designate your public key as the receiver. Then only you can "Open" it by decrypting it with a private key, which only you have and you will try to keep it a secret as possible. On the other hand, when you want to send the money to someone else, your private key serves as your signature. You're going to generate the transaction data to someone else's public key and you are going to encrypt it with your private key. This might seem trivial and pointless because anyone can decrypt it with your public key. But that's precisely the point Because any information that can be decrypted by your public key must be encrypted with your private key, which only you have and no one else has. Therefore, other people such as the nose or the miners can verify that the transaction indeed came from you by decrypting it with your public key. This is called checking the signature. If they cannot decrypt it with your public key, then the transaction is not signed by your private key, and therefore did not come from you. This setting ensures that a transaction can only be initiated with a person possessing the private key and no one else. Immediately, there several caveats that would need to note. First, as you can see, there's no inherent KYC rule or know-your-customer rule on the blockchain. Your only identity there is the public private key pair. Because these are essentially random numbers, you can create as many as you want just like a user name or email address. For example, you can create one key pair to receive some Bitcoin then spread it to a 1,000 other key pairs and use each key pair for one transaction only. This gives you a certain level of anonymity because on the blockchain, the public only sees the transactions between the public keys. We cannot tell the link between the keys and the actual people. At the same time, this setting is only pseudo anonymous or pseudonymous because we still see all the transactions, so we can uncover a certain amount of information by running sophisticated machine learning algorithms on these transaction data. Also, if you for example, acquire Bitcoin using legitimate means such as buying it on an exchange, the exchange would maintain the link between your identity, your actual ID, and the key you use, depending on which jurisdiction they're located. In the US, this KYC role is required. Finally, you need to realize that the public key encryption setting is significantly weaker form of security than say two-factor password authentication used by banks. A lot of blockchain solution providers use marketing pitches like, this is a more advanced and more secure form of transaction and is simply not correct. Because here your private key is your only form of authentication, and you are 100 percent responsible for keeping it secure. If someone steals your private key is game over. They can use it to sign away all your transactions and there's absolutely no recourse. This is a very heavy security requirement and one that's hard to meet. We'll talk about hot and cold key storage in the cryptocurrency module but people have gone as far as printing their keys out and storing those in nuclear heartened bunkers. But even that, suppose you loose or forget your private key. Then is also game over because there's no way to recover it from your public key or otherwise. We'll go over some high-profile examples where people have lost hundreds of millions of dollars worth of Bitcoin this way in the cryptocurrency module. But suffice to say that, the identity and security arrangement on blockchains, particularly public blockchains, is much weaker than traditional centralized channels such as banking.
