[2] Bitcoin paper explained

Bitcoin: A Peer-to-Peer Electronic Cash System — Satoshi Nakamoto (2008)

The original paper can be found here.

Preface

This is a technical summary of the well-known Bitcoin paper that takes you a step forward to grasp Bitcoin’s underlying techs in layman terms. Feel free to check out the original paper to get more details.

Bitcoin image from Bitcoinist.com

One-sentence breakdown

Bitcoin

A digital currency in a peer-to-peer network without third-party control.

Bitcoin blockchain

Ongoing chain of hash-based PoW on timestamped transactions.

Major problem

Double spending.

Transaction

Transfer a coin

A Sender signs the following message to approve a transfer:

Message = (HASH of previous transaction + PUBLIC KEY of the Receiver)

Bitcoin paper: transactions

An intuitive step to detect Double Spending

  1. A Receiver wants to detect double spending
  2. She needs to confirm that no earlier transaction has already spent the same coin
  3. So she needs to be aware of all transactions
  4. And she needs to know which transaction arrived first

Timestamp Server

The server publishes a hash of a block along with the current timestamp → each timestamp includes the previous timestamp in its hash → a chain is formed

Proof-of-Work (PoW)

Solve the challenging mathematical problem

Keep incrementing the answer field (nonce) in the block until the hash result begins with at least as many zero bits as the difficulty threshold requires.

Protection

A block cannot be modified without redoing its work and the work of all the blocks after it. Voting is no longer one-IP-one-vote (which is open to a Sybil attack), but one-CPU-one-vote.

Difficulty

The difficulty is adjusted over time to keep the global block rate at 1 block/hour.

Network

How is the ledger maintained?

  1. New transactions are broadcast to all nodes
  2. Each node receives the transactions and collects them into a block
  3. Mining: each node does PoW to find the answer (nonce) for its block
  4. When the answer is found, the block is broadcast to all nodes
  5. Nodes verify the transactions in the block and accept it if there is no conflict
  6. Nodes then work on the next block, building on the accepted block

Receive two blocks?

A node works on the block it received first but keeps the other. Once the next block is issued and received, one branch becomes longer, and the node switches to working on that longest chain.

Incentive on mining

Each block creates a new coin that is transferred to the creator of the block (the miner), which also adds more coins into circulation.

Reclaiming disk space

A set of old transactions can be discarded once they have been buried under enough blocks. Transactions are hashed into a Merkle tree, with only the root of the tree included in the block hash, so the old branches can be pruned without breaking the block's hash.

Moore’s Law

A block header takes only 80 bytes. The block rate is 10 min, so 80 * 6 * 24 * 365 = 4.2MB per year. According to Moore's Law, storage grows faster than this, so we are safe from exceeding the upper bound.

Moore’s Law from bjc.edc.org Education Development Center

Simplified Payment Verification (SPV)

Someone can verify a transaction without running a full node! She keeps only a copy of the block headers of the longest blockchain on her local device (e.g. a computer) and relies on nodes in the network for the rest of the verification.

Combining and Splitting Value

A transaction contains multiple inputs (previously received transactions) and two outputs: the actual payment and the change.

Transaction inputs and outputs — freedomnode.com

Privacy: Pseudo-anonymous

Nodes can announce transactions, but the public key behind them stays pseudo-anonymous. Once a public key has been linked to a real identity, all the other transactions made with that key are revealed as well.

Attacking Scenario

An attacker can at most modify one of her own transactions to undo that specific payment, but nothing more.

The race is modelled as a binomial random walk (as in the Gambler's Ruin problem). The paper's computed results show that:

  • If the attacker has 10% of the CPU globally, the probability of catching up from 5 blocks behind is less than 0.001
  • If the attacker has 30% of the CPU globally, the probability of catching up from 5 blocks behind is less than 0.18
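To see where those two numbers come from, here is an added Python implementation of the catch-up probability formula from the paper's section on attacker success (this is example code written for this summary, not the paper's own C listing): q is the attacker's share of hashing power, z the number of blocks she is behind, and the honest chain's progress is modelled as a Poisson-distributed head start.

```python
import math


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker with fraction q of the hash rate ever
    catches up from z blocks behind. Uses the paper's closed form:
    P = 1 - sum_{k=0..z} Poisson(k; lambda) * (1 - (q/p)^(z-k)),
    where p = 1 - q and lambda = z * q / p."""
    if z < 0:
        raise ValueError("z must be non-negative")
    p = 1.0 - q
    if q >= p:
        # Gambler's Ruin: with at least half the hash rate the attacker
        # catches up with probability 1, whatever the head start.
        return 1.0
    lam = z * q / p          # expected attacker progress while honest nodes mine z blocks
    ratio = q / p            # per-block odds of the attacker closing a one-block gap
    poisson = math.exp(-lam)  # Poisson term for k = 0, then updated iteratively
    total = 0.0
    for k in range(z + 1):
        # attacker made k blocks of progress; she still has to close z - k blocks
        total += poisson * (1.0 - ratio ** (z - k))
        poisson *= lam / (k + 1)
    return 1.0 - total


def blocks_to_wait(q: float, target: float = 0.001, max_z: int = 10_000) -> int:
    """Smallest number of confirmations z such that an attacker with hash
    share q has success probability below `target`."""
    for z in range(max_z + 1):
        if attacker_success_probability(q, z) < target:
            return z
    raise ValueError("attacker share too large: no z below target within max_z")


if __name__ == "__main__":
    for q, z in ((0.1, 5), (0.3, 5)):
        print(f"q={q:.2f} z={z}: P={attacker_success_probability(q, z):.7f}")
    print("confirmations for q=0.1 to get below 0.1%:", blocks_to_wait(0.1))
```

Running it reproduces the two bullets above: about 0.0009 for a 10% attacker and about 0.177 for a 30% attacker at 5 blocks, and 5 confirmations is exactly where a 10% attacker drops below 0.1%.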

Conclusion

Bitcoin proposes a digital currency that does not rely on trusted centralized parties; instead it relies on cryptographic signatures, distributed systems, and computer networks to avoid double spending. The consensus mechanism also incentivizes the network with PoW and the one-CPU-one-vote concept.


Thank you

Your comments and suggestions are most welcome! I hope the series can continue to encourage people to start reading some cool and fundamental research before they jump right into piles of white papers and can't tell the quality. It could be a good start for us!