- Who is allowed to read the database?
- Who is allowed to transact (private vs. public)?
- Who is allowed to commit new data to the blockchain?
- What is a valid operation/transaction (What can be added to the database?)?
- What is a valid block?
- verify blockchain requires full knowledge of all data on the blockchain
- public verifiers/block producers -> public blockchain
- may still contain encrypted (but validated) data
- Even if the blockchain is publicly auditable, does not imply everyone can add data
- Adding data may require a valid and authorized signature
- By this, people can be allowed to do A, but prevented from doing B
- Permission-less ledger: "No one can stop you from playing by the rules!"
- Those "rules" are defined below and thus already restrict a permission-less ledger.
!Authorization!
- Miners, Stakers, Minters, Witnesses => block producers
- Requirements from Consensus Mechanism need to be fulfilled
- Maybe predefined producers, maybe voted, maybe undefined
- What kind of data can be added?
- transfer operations?
- deployment of smart contracts?
- trade orders?
- lending orders?
- any kind of relational data
- even object-relational data
- or raw data
- What requirements does this data need to fulfill to be valid?
- double-spending of funds?!
- overwriting of existing keys?
- user is allowed to perform operation X?
- user is allowed to perform operation X on account Y?
!Validation!
The "what is allowed" needs to be defined in the rules (i.e. the blockchain protocol) of the specific blockchain.
- valid previous hash(!)
- valid hash of the content (e.g. transactions, operations, merkle tree, ...)
- data and time within a tolerance (NTP)
- valid "consensus" requirement (e.g. pow, pos, signature, ...)
- What is a valid transaction (What can be added to the database?)
- simple "transfers" of an amount of bitcoin/satoshi from an address to a "Script"
- most used "target scripts" are also just addresses
- require proper signature from the spending address (coin owner)
- What is a valid block
- set of valid transactions (merkle tree root)
- date
- organizational data (nonce, protocol version, etc)
- valid proof of work
- Who is allowed to transact (private vs. public)
- anybody that has bitcoin and owns the private key(s)
- Who is allowed to add data to the database?
- POW miners