Bitcoin paper explained
Bitcoin: A Peer-to-Peer Electronic Cash System — Satoshi Nakamoto (2008)
The original paper can be found here.
This is a technical summary of the well-known Bitcoin paper that takes you a step forward in grasping Bitcoin's underlying technology in layman's terms. Feel free to check out the original paper to get more details.
One sentence break-down
A digital currency in a peer-to-peer network without third-party control.
Ongoing chain of hash-based PoW on timestamped transactions.
Transfer a coin
A Sender signs the following message to approve a transfer:
Message = (HASH of previous transaction + PUBLIC KEY of the Receiver)
An intuitive step to detect Double Spending
- A Receiver wants to detect double spending
- She wants to confirm that no earlier transaction already spent the same coin
- To do that, she needs to be aware of all transactions
- And she needs to know which transaction arrived first
A timestamp server publishes a hash of a block of items along with the current timestamp → each timestamp includes the previous timestamp in its hash → a chain is formed
Solve the challenging mathematical problem
Keep incrementing the answer field (nonce) in the block until the hash of the block starts with at least as many leading zero bits as the current difficulty requires.
A block cannot be changed without redoing its work and the work of every block after it. Voting is no longer one-IP-one-vote (which is open to Sybil attacks), but one-CPU-one-vote.
The difficulty is adjusted over time to maintain the block rate at 1 block/hour globally.
How is the ledger maintained?
- New transactions are broadcast to all nodes
- Each node receives the transactions and collects them into a block
- Mining: each node does PoW on its block to find the answer/nonce
- When the answer is found, the block is broadcast to all nodes
- Nodes verify the transactions in the block and accept it if there is no conflict
- Nodes start working on the next block, using the hash of the accepted block as the previous hash
Received two blocks?
A node works on the one it received first but keeps the other. When the next block is found and received, one branch becomes longer, and the node switches to the longest chain.
Incentive on mining
Each block will have a new coin created and transferred to the creator of the block (miner) to add more coins into circulation.
Reclaiming disk space
A set of old transactions can be compressed once it is buried under enough blocks. Transactions are hashed into a Merkle tree, with only the root of the tree included in the block hash, so spent transactions can be pruned without breaking the block's hash.
A block header takes only 80 bytes. The block rate is 10 min, so 80 * 6 * 24 * 365 = 4.2 MB per year. Given Moore's Law, storage for the headers should never become a problem.
Simplified Payment Verification (SPV)
Someone can verify a transaction without running a full node! She keeps only a copy of the block headers of the longest chain on her local device (e.g. a computer) and asks nodes in the network for the Merkle branch linking the transaction to its block.
Combining and Splitting Value
A transaction contains multiple inputs (previously received transactions) and at most two outputs: the real payment and the change returned to the sender.
Nodes can announce transactions, but the public key is kept pseudonymous. Once a public key has been associated with a real identity, all other transactions made with that key are revealed.
An attacker can at most try to change one of her own recent transactions to take back money she has spent; she cannot create value out of thin air or take coins that never belonged to her.
- If the attacker has 10% of the CPU globally, the probability of catching up 5 blocks is less than 0.001
- If the attacker has 30% of the CPU globally, the probability of catching up 5 blocks is less than 0.18
Bitcoin proposed a digital currency that does not rely on trust in centralized parties, relying instead on cryptographic signatures, distributed systems, and computer networks to avoid Double Spending. The consensus mechanism also incentivizes the network through PoW and the one-CPU-one-vote concept.
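The two probabilities above come from the calculation in section 11 of the paper. As an added example (my own code, not from the summary or the paper's listing, though it follows the paper's algorithm), here it is worked through, plus a helper that answers the defender's question: how many confirmations a receiver should wait for before the attacker's chance drops below a given threshold.

```python
# Added example: attacker catch-up probability from Nakamoto (2008), section 11.
# q = attacker's share of global hash rate, z = number of blocks the receiver
# waits for. Values are checked against the summary's figures (q=0.1, z=5 -> <0.001;
# q=0.3, z=5 -> <0.18). This is illustrative code, not the paper's listing.
import math


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker with hash-rate share q ever overtakes the
    honest chain once it is z blocks ahead."""
    if not 0.0 <= q < 1.0:
        raise ValueError("q must be in [0, 1)")
    if q == 0.0:
        return 0.0
    p = 1.0 - q
    if q >= p:
        return 1.0  # a majority attacker always catches up eventually
    lam = z * (q / p)  # expected attacker progress while honest nodes mine z blocks
    total = 1.0
    for k in range(z + 1):
        poisson = math.exp(-lam)
        for i in range(1, k + 1):
            poisson *= lam / i  # Poisson pmf: attacker found exactly k blocks
        # After k attacker blocks the attacker is z-k behind; the gambler's-ruin
        # probability of still catching up from that deficit is (q/p)^(z-k).
        total -= poisson * (1.0 - (q / p) ** (z - k))
    return total


def confirmations_needed(q: float, threshold: float = 0.001) -> int:
    """Smallest z for which the attacker's success probability is below threshold.
    (Only meaningful for q < 0.5; a majority attacker can never be waited out.)"""
    if q >= 0.5:
        raise ValueError("no number of confirmations defeats a majority attacker")
    z = 0
    while attacker_success_probability(q, z) >= threshold:
        z += 1
    return z


if __name__ == "__main__":
    for q in (0.1, 0.3):
        print(f"q={q}: P(catch up after 5 blocks) = {attacker_success_probability(q, 5):.7f}")
        print(f"q={q}: confirmations for P < 0.1% = {confirmations_needed(q)}")
```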
Your comments and suggestions are most welcome! I hope the series can continue to encourage people to start reading some cool and fundamental research before they jump right into piles of white-papers and can't tell the quality. It could be a good start for us!