I liked your video but one important thing, to me, that was missing was that you never once pointed out that hashCode() is a horrible choice. It's nice for a quick and simple demonstration but you should've pointed out (IMHO) that hashCode is never, ever, ever to be used but an actual cryptographic hash like SHA-256 (and even only a subsection of those since MD5 for example is, for all intents and purposes, broken). Every hash has, by definition, collisions but collisions in cryptographic hashes are very hard to create (making it hard to falsify transactions) but hashCode() is, and was, never intended to be used for such purposes and is very easy to "fool" (e.g. find some creative way to 'pad' the transactions with some whitespace here-and-there for example to result in the same hashcode).
I'm not sure you are aware of this (I'm assuming you are) but if not I'm glad to explain a bit more in-depth.
I liked your video but one important thing, to me, that was missing was that you never once pointed out that
hashCode()is a horrible choice. It's nice for a quick and simple demonstration but you should've pointed out (IMHO) thathashCodeis never, ever, ever to be used but an actual cryptographic hash like SHA-256 (and even only a subsection of those since MD5 for example is, for all intents and purposes, broken). Every hash has, by definition, collisions but collisions in cryptographic hashes are very hard to create (making it hard to falsify transactions) buthashCode()is, and was, never intended to be used for such purposes and is very easy to "fool" (e.g. find some creative way to 'pad' the transactions with some whitespace here-and-there for example to result in the same hashcode).I'm not sure you are aware of this (I'm assuming you are) but if not I'm glad to explain a bit more in-depth.