The first sentence of the abstract describes bitcoin as a peer-to-peer version of electronic cash. No financial institution or other third party is required to facilitate payments. This is a simple enough concept, but it raises many questions. How can there be no banks? Where do I access my bitcoin? What value does bitcoin have, and to whom? In this blog post, we will take a closer look at the Bitcoin Whitepaper, which was released in 2008 by Satoshi Nakamoto, and at why the underlying technology, blockchain, has continued to advance and find uses beyond financial transactions.
This section of the whitepaper details why there is a need for Bitcoin. Commerce on the internet, or e-commerce, is reliant on financial institutions. It works most of the time, but there are some real problems with it. Transactions can be reversed, for example, which may put people providing non-reversible services at risk. Consider a hairstylist who does not receive payment for services when a customer disputes the charge. Also, the mediation of any transaction disputes raises the overall cost of transactions. Think about transaction fees from your bank. Lastly, in our current system, we accept a level of fraud because it’s “unavoidable.”
What is the solution? A payment system that allows any two willing parties to participate in a transaction without a trusted third party. Peer-to-peer, cryptographic proof, timestamps, honest nodes, CPU power. Let’s go a bit deeper.
If I were to make a purchase at a store, I would need to hand over some cash or some debit/credit payment to gain ownership of an item. Bitcoin, in comparison, transfers ownership with digital signatures. To transfer a coin, the owner must digitally sign (with their private key) a hash of the previous transaction and the public key of the next owner. Thus, we start to see the idea of a chain of digital signatures which can verify the chain of ownership. For example, Andrew sends Bitcoin to Emily, Emily sends to Andoni, and Andoni sends to Conor. This chain of transactions shows that Conor is the current owner of that coin.
There is one problem, called the double-spending problem. If Andrew sends the same coin to both Emily and Andoni, who does the coin belong to? A trusted central authority could verify all transactions, but Bitcoin wants to avoid a third party in transactions. Bitcoin instead makes all transactions public, and a system must be introduced that has participants agree on a single history. Do most participants think that Emily or Andoni is the owner of the coin? In Bitcoin, participants agree that the earliest transaction, as determined by timestamps, is the one that counts.
3. Timestamp Server
The timestamp itself also has this idea of a chain. We hash a block and publish the hash to everyone on the network. The timestamp on this block proves we have some data, and each timestamp includes the previous timestamp in its hash to link our chain. A block can be any kind of data, but in Bitcoin it is a group of transactions.
Proof-of-work is how consensus can be achieved. Users must look for a value, called a nonce, that when hashed with the block results in a hash that begins with a certain number of zero bits. Finding this nonce becomes more difficult as the number of required zero bits increases. Bitcoin changes the number of required zero bits based on an average, to make sure blocks don’t get generated too quickly. A CPU must increment the nonce until it gets a hash with the correct number of zero bits, which requires CPU effort. After the nonce is found, the block of data cannot be changed without performing the work to find a new nonce. Because blocks are chained, each subsequent block would also need a new nonce. Therefore, it is almost impossible to change data on the chain. The CPU that finds the nonce should let the other CPUs know that this hash has been solved. The network agrees on the history by following the longest chain, because this chain has the most proof-of-work in it.
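The nonce search and the chaining described above can be sketched as follows. This is an added example, not code from the whitepaper or from Bitcoin itself: the block layout, the `|` separator, the function names and the 12-bit difficulty are assumptions chosen so it runs in well under a second.

```python
import hashlib

GENESIS_PREV = "0" * 64  # constructed placeholder meaning "no previous block"

def block_hash(prev_hash, data, nonce):
    """SHA-256 over the previous block's hash, this block's data and the nonce."""
    return hashlib.sha256(f"{prev_hash}|{data}|{nonce}".encode()).hexdigest()

def meets_target(digest_hex, zero_bits):
    """True when the 256-bit hash starts with at least zero_bits zero bits."""
    return int(digest_hex, 16) >> (256 - zero_bits) == 0

def mine(prev_hash, data, zero_bits):
    """Increment the nonce until the block hash meets the target."""
    nonce = 0
    while not meets_target(block_hash(prev_hash, data, nonce), zero_bits):
        nonce += 1
    return nonce

def build_chain(payloads, zero_bits):
    """Mine one block per payload, each committing to the hash of the one before."""
    chain, prev = [], GENESIS_PREV
    for data in payloads:
        nonce = mine(prev, data, zero_bits)
        block = {"prev": prev, "data": data, "nonce": nonce,
                 "hash": block_hash(prev, data, nonce)}
        chain.append(block)
        prev = block["hash"]
    return chain

def first_invalid(chain, zero_bits):
    """Index of the first block whose link or proof-of-work fails, else None."""
    prev = GENESIS_PREV
    for i, b in enumerate(chain):
        digest = block_hash(b["prev"], b["data"], b["nonce"])
        if b["prev"] != prev or digest != b["hash"] or not meets_target(digest, zero_bits):
            return i
        prev = b["hash"]
    return None

def rewrite_block(chain, index, new_data, zero_bits, redo_work):
    """Copy the chain with one block's data changed; optionally redo that block's work."""
    forged = [dict(b) for b in chain]
    b = forged[index]
    b["data"] = new_data
    if redo_work:
        b["nonce"] = mine(b["prev"], new_data, zero_bits)
        b["hash"] = block_hash(b["prev"], new_data, b["nonce"])
    return forged
```

Changing a block's data without redoing the work makes that block fail validation; redoing the work for that one block only moves the failure to the next block, whose stored previous hash no longer matches.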
There are 6 steps detailed to run the network.
- New transactions are broadcast to all nodes.
- Each node collects new transactions into a block.
- Each node works on finding a difficult proof-of-work for its block.
- When a node finds a proof-of-work, it broadcasts the block to all nodes.
- Nodes accept the block only if all transactions in it are valid and not already spent.
- Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash.
Here we see some of the ideas we’ve discussed: public transactions, blocks, proof-of-work, chain. The nodes on the network should always follow the longest chain when attempting to create the next block.
As stated earlier, finding the nonce for a hash is a lot of work. So why should nodes attempt to solve it? The first transaction in each block issues a new coin to the block creator. So, whoever finds the nonce first is rewarded with 1 Bitcoin. This ensures we have Bitcoin enter the network. Bitcoin has opted to have a fixed number of Bitcoin enter the system; once this number is reached, incentives will come from transaction fees. This fixed number prevents inflation.
7. Reclaiming Disk Space
A new data structure is introduced that helps save disk space for the users. Storage would be a real issue for many nodes if all the data from every transaction was kept. Instead, the Merkle Tree hashes the transactions together in a binary-tree-like structure where the parent node is the hash of the two child hashes. Only the root hash of the tree is stored in the block to ensure the chain stays intact and unchanged. After another few blocks are created, tree branches of the older blocks can be removed. Block headers have a size of about 80 bytes, which would require about 4.2 MB of space per year.
8. Simplified Payment Verification
Verifying payments is easy and doesn’t require having a node. To check for a payment, you must get a copy of the block headers for the longest chain. Then you can see the Merkle branch that links the transaction to the block. Although you can’t see the actual transaction, you can see that it is on the chain, and therefore has been accepted by the network.
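The Merkle root from the disk-space section and the Merkle branch check used for simplified payment verification can be shown together. This is an added example, not code from the whitepaper: the transaction strings are constructed, the function names are assumptions, and it follows Bitcoin's conventions of double SHA-256 and duplicating the last hash on an odd-sized level.

```python
import hashlib

def h(data: bytes) -> bytes:
    """Double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_levels(leaves):
    """All tree levels, from the leaf hashes up to the single root hash."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:              # odd level: pair the last hash with itself
            cur = cur + [cur[-1]]
        levels.append([h(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def merkle_root(txs):
    """The only value a block header has to store for its transactions."""
    return merkle_levels([h(t) for t in txs])[-1][0]

def merkle_branch(txs, index):
    """Sibling hashes linking txs[index] to the root (built by a node holding all txs)."""
    branch = []
    for level in merkle_levels([h(t) for t in txs])[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        branch.append((level[sibling], sibling < index))  # (hash, sibling_is_left)
        index //= 2
    return branch

def verify_branch(tx, branch, root):
    """What a light client does: rehash up the branch and compare with the header's root."""
    node = h(tx)
    for sibling, sibling_is_left in branch:
        node = h(sibling + node) if sibling_is_left else h(node + sibling)
    return node == root

# Constructed sample transactions.
SAMPLE_TXS = [b"Andrew->Emily:1", b"Emily->Andoni:1", b"Andoni->Conor:1",
              b"Conor->Andrew:3", b"Emily->Conor:2"]
```

The verifier needs only the root and about log2(n) sibling hashes, not the other transactions in the block.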
9. Combining and Splitting Value
The key to this section is that a transaction can have multiple inputs and multiple outputs. Inputs can be combined to have a larger total payment. Output values are for the payment and to return any change back to the sender. So let’s say Conor wants to send 3 bitcoin to Andrew. Each of Conor’s bitcoin is different because it has a different chain of digital signatures. Instead of performing three different transactions for each of these coins, all the bitcoins can be combined into a single transaction.
People traditionally keep their finances private. I do not let everyone know what I purchased, for how much, from whom, and at what time. But, as stated earlier, making transactions public is essential to maintaining the chain. To keep some level of privacy, only the amount that someone is sending is made public. The public keys are kept anonymous so no one can link a payment to anyone.
Nakamoto walks us through the probability of an attacker trying to generate a chain faster than the honest chain. Even if an attacker is successful in doing this, they can’t really do too much damage; the attacker can only try to change their own transactions to take back the money they spent. Because the probability of an honest node finding the next block should be higher than the probability of an attacker finding the next block, the probability of the attacker’s chain catching up with or passing the honest chain drops exponentially the more blocks the attacker is behind. While it is very unlikely that an attacker is successful in changing a past transaction, the recipient of payments should wait a few blocks to be certain the transaction’s block was included in the chain.
That’s it! We have our coins that have owners associated with them, a way to send payments to others anonymously, a mechanism to have everyone agree on valid transactions, and preventative measures for attackers. Very cool stuff!
In the next blog post in this Blockchain series, we will take a look at other applications for this technology. Check back with Launch Site soon!