How to read your bank-account on a public blockchain?

One of the ways public blockchains are touted is that they can replace your bank account. The idea is that you don’t need a central system anymore, but can open any number of accounts, as needed. However, as there is no central place, it is sometimes difficult to know how much money you have left. For this to know, you first need to make sure to get a verified copy of the blockchain you’re using.

For every blockchain system, you need to do at least the two following tasks:

  1. Find the latest valid block
  2. Create a proof of your account and the number of coins contained

I’m looking at 4 existing blockchain systems: Bitcoin and Ethereum for their 1st and 2nd place in the blockchain ecosystem. DFinity and Mina for two new systems that rethink how blockchains are done.

Bitcoin

Finding latest valid block in Bitcoin: this can be done in Bitcoin by downloading only the block headers and verifying them. For this, you need to download 725k block headers (as of March 2022) with a total of 80MB of data and calculate 725k of sha256, which takes less than 1 second.

Creating a proof: this is much more difficult. If you want to find out how many coins you have left, you need to download 380GB of data, and create a database with 750M entries. This is because Bitcoin uses so called Unspent Transaction Outputs (UTXO), and you need to make sure that none of these has been spent in the meantime.

Ethereum

Finding latest valid block in Ethereum: this is very similar to bitcoin, but Ethereum already has 14M blocks (as of March 2022), and bigger headers. So for finding the latest valid block, you need to download all block headers, which amounts to 7GB of data. Then you need to calculate all keccak-hashes, which should not take longer than a couple of seconds.

Creating a proof: Ethereum has a big advantage over Bitcoin, as it uses an account-based system. And every block contains a summary (Merkle tree root) of all the accounts. This summary is done in such a way that you can create a short cryptographic proof of your account for the latest block. Everybody with the knowledge of the latest block can then verify your account. To create this proof, you don’t need to re-calculate the whole blockchain. But you do need to know all the accounts in the blockchain. And the size of this database is currently about 500GB.

DFinity

Finding latest valid block in DFinity: this system signs all new blocks with a globally unique, never-changing key. This is done with some advanced key-sharing mechanism. It also means that it’s enough to download the latest block and to verify the signature of this block. No need to download all headers or even the whole blockchain.

Creating a proof: as with Ethereum, to create a proof that you actually have the money, you need the full state of the blockchain. I couldn’t find this information on the DFinity dashboard.

Mina

Finding latest valid block in Mina: you have to download the latest block to know the state of the chain and to be sure that it is a valid block. But instead of using a sharded private key like DFinity, Mina uses recursive Zero-Knowledge Proofs. The specific technology is called zk-SNARKs and allows to have a snapshot of all transactions in a constant size of 1kB.

Creating a proof: as with all the other blockchains, you need the full state to create a proof of your account. This proof is always around 22kB .This is explained in more details here: Mina Protocol – A Succinct Blockchain.

Conclusion

As you can see, there has been quite some progress when it comes to find the latest valid block. Where Bitcoin and Ethereum require you to download all block headers, DFinity and Mina make it much faster to find the latest valid block.

But this is only half of the proof to show how much coins you have. To create the other half, somebody needs to keep the full global state of the blockchain. This doesn’t need to be necessarily the client. As you can verify the proof, a third party can create this proof for you. And you can verify whether the proof is correct.

Now I wonder whether it is possible to keep only part of the global state, and still be able to create proofs. This would allow the nodes to hold less data, and be run on cheaper machines. Ethereum has some ideas how you could expire old accounts, and, if needed, revive them: State Expiry Proposal.

— Linus