Cracking the Bitcoin White Paper

Bo

Hi there!

I’m Bo. I read cryptocurrency white papers so you don’t have to.

Let’s face it; there’s just something about reading white papers that turns most people off.

That being said, I strongly encourage you to have a read through the Bitcoin White Paper. It’s a bold and concise read with enormous implications for the global economy. A keen understanding of how to harness this technology could help you change the world. I’ll help get you started on the journey. Thank me later.

Title: “Bitcoin: A Peer-to-Peer Electronic Cash System”

Author: Satoshi Nakamoto, satoshin@gmx.com

Published: October 18th, 2008

Read Time: ~15 minutes

Readability Score: 5/5

Bitcoin, the first of its kind, was born into a particular historical context. A reckless attempt to explain the white paper might do so without first trying to understand that context. Allow me to give you a crash course in Bitcoin & Bitcoin history. After that, I’ll use the paper to explain Satoshi’s motivations, Bitcoin mining and how the magic works. All quotes are excerpts from the Bitcoin white paper.

What is Bitcoin?

Bitcoin is a community, a protocol (standard set of rules for information exchange) and a digital currency. The Bitcoin community uses the digital currency by running software that adheres to the protocol. Doing this makes you a member of the community. Simple. But this protocol can do so much more than just spend currency. Here is where its real power lies. Like Andreas Antonopoulos alludes to in his book — Internet of Money — currency is only the first application of the Bitcoin protocol.

Bitcoin is a decentralised medium of exchange — meaning that unlike regular currencies, it is not issued and governed by any central party and remains agnostic to your geolocation and transaction amount. Thus users of Bitcoin are potentially free from censorship and discrimination of any kind.

Who created Bitcoin?

It turns out nobody knows the answer to this one. Well, nobody except Satoshi Nakamoto and whoever else Satoshi told. Let me explain. The Bitcoin white paper and the first version of the Bitcoin client (software used to run the protocol) were published by a mysterious group or person under the pseudonym “Satoshi Nakamoto”. Satoshi couldn’t have released the white paper at a more crucial time — In the heat of the 2008 financial crisis. Programmers rallied behind Satoshi and formed what is now known as “Bitcoin Core” — the team responsible for governing the open source Bitcoin client software. In 2011 Satoshi vanished from the chat rooms and message boards. No one has since been in contact with this mysterious figure.

Satoshi’s motivations

“Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model.”

Satoshi describes Bitcoin as a solution to the inherent weaknesses of the “Trust based model”.

In a nutshell, we put our trust in banks to keep our money and transact on our behalf. Your bank also provides you with the much needed digital security required to keep your money safe — The average person shouldn’t need to understand computer network security.

Unfortunately, there are several weaknesses with this setup. Here are two weaknesses I’m familiar with. First — Banks get to choose which transactions to accept. Thus your account could get frozen for unjust (or just!) reasons leaving you powerless. The same security that keeps bad actors out allows the banks to exert undue control over the individuals who put their trust in the system. Second — Banks are centralised and so can be hacked, defrauded or bankrupted. These supposed black swans happen more often than you might think. With cash, however, you almost never need to rely on trust, so these problems go away. Sadly you can’t keep your life savings underneath a mattress.

What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.”

Now imagine a system with no central player to give you permission to use your money. In fact, imagine your money is inaccessible to anyone but you (no mattress required). You can also move it from one account to another without geographical restrictions or limits on transaction volume. You have the ability to make transactions through any medium that can access the network. All of this, with the added benefit of privacy through pseudonymity. That’s Bitcoin.

Okay, let’s say you’re sold on the problems with the trust based model. But now you’re probably wondering why organisations never fixed it. As it turns out, there’s no known easy fix for secure online payments. This is mainly due to the double spending problem — If you own a unit of digital cash (from your bank, or as a token), it exists not physically but as a chunk of data on a computer that can be copied and sent to more people — uh oh, counterfeiting! To avoid this problem, each bank will hold its customers’ details and account balance on its database for payment authorization. Satoshi proposes a different solution.

“In this paper, we propose a solution to the double-spending problem using a peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions.”

How the magic works

Instead of explaining how to use Bitcoin, I will explain what happens behind the scenes when you do.

Here’s an analogy that helped me out when I first learnt about Bitcoin. Imagine there’s a massive excel sheet (or google spreadsheet) that everyone on the planet has access to. Now imagine the sheet has 3 column headers: Sender, Recipient and Amount. We use the sheet to keep track of who’s paid who and how much. If you’re into finance or accounting, you might recognise this sheet as some kind of simplified global ledger. To send someone money, all you have to do is put a new entry in that sheet. Each entry (or row) is called a transaction. Others can verify that you indeed made the transaction using your “signature” (more on this later) which appears on any row you edit and is impossible to fake.

Remember, everyone else is simultaneously using this sheet, so it’s going to be huge! To keep it manageable, a new sheet is created every 10 minutes with the condition that it must include an entry identifying its parent sheet. Payment verification is as easy as trolling through the sheets to make sure the sender has the funds required and that the transaction (payment row) is on a sheet. As long as users continue to update the sheet, the system works.

Now imagine we’re a group of evil masterminds and wish to confuse the network by modifying a row in a previous sheet. We’re not allowed to directly edit the sheet that everyone sees so instead we’ll make a duplicate sheet, change our target row and convince everyone to use that sheet instead of the old one. At this point we’ll notice that changing any row in the sheet deterministically changes the ID of the sheet that was already put into the next sheet. This means the next sheet ID changes too and cascades up to the final sheet! Remember that each sheet references its parent sheet by including an entry with the parent’s ID. Nobody is going to accept our sheet unless we manually copy all the sheets between our modified sheet and the current one. You’ll see later on (while discussing Proof of Work) that doing this is extremely difficult and puts a heavy negative incentive on malicious behaviour.

Thus using the sheet IDs in this way keeps the entire sheet history intact and tamper proof as editing one sheet deterministically results in changing all consequent sheet IDs.

How the magic actually works

The group of excel sheets represents something we call “The blockchain” and each excel sheet is a “block”. This blockchain is simultaneously stored on every node — A node is a computer connected to the network and running the peer to peer Bitcoin protocol. All nodes on the network periodically agree on a block (list of transactions) to permanently add to the chain. This agreement or “consensus” takes an expected 10 minutes on average in the Bitcoin blockchain. All of this processing happens without human intervention (except people manually making transactions) meaning the system is live 24/7 as long as there is any node running the protocol and listening for transactions. Nodes that go offline can pick up where they left off by downloading new blocks and verifying the transactions within them. Forks and splits in the chain do occur, but by convention nodes will always converge to the longest chain.

A block’s contents determine the block’s unique “blockhash” (generated string of characters) which is inserted into the next block just as the sheet’s ID was put into the next sheet. Thus editing one block results in an unpredictable change in all consequent block hashes. For this reason and others (as we’ll see in Mining economics), transactions buried beneath a few blocks in the blockchain can be considered permanent making the blockchain an immutable record of data.

To make a transaction, a user must “announce” the transaction by posting it on the network — this is as easy as sending it to a known network node that can broadcast it to the other nodes. Like in the excel sheet, the transaction includes a recipient and an amount. The transaction also includes a previous transaction as proof that the money exists and belongs to the sender. Using elliptic curve cryptography, the sender generates a “signature” on the transaction that proves its authenticity.

Once the transaction is on the network, one of the nodes (who communicate peer to peer) will verify it and include it in a block. C’est fini. Each transaction can be verified by looking at the chain of ownership (all previous transactions) that led up to the transaction.

The problem of course is the payee can’t verify that one of the owners did not double-spend the coin. A common solution is to introduce a trusted central authority, or mint, that checks every transaction for double spending” …

“The problem with this solution is that the fate of the entire money system depends on the company running the mint, with every transaction having to go through them, just like a bank.

To confirm absence of a double-spent transaction, a node must be aware of all transactions on the network. This is how Bitcoin solves this problem with no central authority.

While anyone can run a network node, there are different degrees to which one might choose to do so. Light nodes can perform payment verifications without downloading the entire blockchain. Full nodes will download the entire chain. Miners are full nodes that will compete to create new blocks for a reward that is programmed into the network protocol.

I often get questions like “But where is the blockchain stored?” and “Who controls all the Bitcoin?”. Hopefully, you already know the answer by now but if not, let me spell it out for you. Everyone who runs a node stores the entire blockchain or some part of it. Roughly every 10 minutes, miner nodes (including your node if you choose) would have autonomously come to a consensus on a new block to include in the chain (no human interaction required). Your node and everyone else’s will then download the new block and verify that the transactions add up. Your node, therefore, has all the power to verify every transaction ever made and every transaction is recorded forever in the blockchain. Beautiful isn’t it?

Just one more thing.

Why would anyone participate in this?

Mining economics

Some nodes on the network are called miners. They aren’t exactly digging up diamonds though the process does share some similarities. Remember that making payments involves broadcasting transactions to the network? Well, a miner’s job is to group those broadcasted transactions into blocks and broadcast the blocks to the network. Each time a miner creates a new block, the miner will include a special transaction that was never broadcast. This transaction — dubbed “coinbase” — credits the miner’s account with a set number of new Bitcoin. I know right, printing money!

“By convention, the first transaction in a block is a special transaction that starts a new coin owned by the creator of the block. This adds an incentive for nodes to support the network, and provides a way to initially distribute coins into circulation, since there is no central authority to issue them.

If this miner’s block gets mined, the miner will get to keep the extra Bitcoin from the coinbase transaction and the accumulated transaction fees from the block. A block will only be “mined” if it gets broadcast to the majority of the network first. In a nutshell, the first miner to produce a block gets to keep the rewards (subject to network speed). Again, it’s worth noting that all of this happens autonomously on any node running the Bitcoin client software. No mining license, Bitcoin customer account, driver’s license or passport photo required!

“Once a predetermined number of coins have entered circulation, the incentive can transition entirely to transaction fees and be completely inflation free.

Before you go off to try mining Bitcoin, allow me to explain one more crucial point. For your new block to be included in the blockchain, you’ll need to create a “Proof of Work”. This is essentially computationally verifiable proof that the node has spent an arbitrary quantity of computational energy to create this block. In practice, it’s simply a string of unintelligible characters. The amount of effort that must be expended on average — the “difficulty” of the network — to create this proof is an adjustable feature of the Bitcoin protocol. As miners improve their technology and mine faster blocks, the protocol automatically adjusts the network’s difficulty to keep the average block time (time taken to create a block on average) at 10 minutes.

“To compensate for increasing hardware speed and varying interest in running nodes over time, the proof-of-work difficulty is determined by a moving average targeting an average number of blocks per hour. If they’re generated too fast, the difficulty increases.”

Initially, any nerd and his pet dog could run a CPU and match the “hash rate” (computational effort) needed to mine a block on the network. But today mining Bitcoin blocks is only possible if you join groups that pool hash power (computational effort) using a specialised mining chip. Even then, the bandwidth and electricity requirements of running a mining node make it an unprofitable venture for most.

Proof of Work is also instrumental to the security and integrity of the network. Hacking the system means beating the proof of work algorithm to try to change history.

“If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains. To modify a past block, an attacker would have to redo the proof-of-work of the block and all blocks after it and then catch up with and surpass the work of the honest nodes.”

Even if an attacker managed to gather the power necessary to redo all the proof of work on every block since the target transaction, the attacker could only modify its own transactions and exclude existing transactions. With that kind of power, it’s far more profitable to help secure the network than to defraud it.

“if a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth.

Later in the white paper, Satoshi goes on to mathematically prove the exponential difficulty faced in attacking the network. Satoshi also ends by explaining how privacy works on the network, how to combine and split value in Bitcoin, and how to create a light node (a node that can verify payments quickly). So if any of those are of particular interest to you, I recommend you give it a read!

Conclusion

Bitcoin’s white paper reveals a lot of information about the motivations of its author and succinctly delineates the Bitcoin protocol later implemented in the first Bitcoin client software. What it does not reveal, however, is the thriving community of users creating a market for everything from education to entertainment under the sustained decentralised governance of the protocol. Decentralised governance in the sense that all users of the protocol can be involved in changing the protocol. Changing the protocol is as simple as changing the software being executed, and users may vote for a particular change by (signaling) running the client software that reflects that change. If the new software makes your node incompatible with nodes or blocks from the old software, then we say the network has a hard fork; and if the new and old versions are compatible, the network has a soft fork. Right now, the community is gearing up for a soft fork (August 1st, 2017) and a potential hard fork later on. A few believe these events pose an existential threat to Bitcoin and other cryptocurrencies as the network could come spiraling down. In my opinion, nothing is closing this Pandora’s box. It’s open for good. What do you think?

Now you know as much as I do!

I’ll put out another article on every cryptocurrency I find particularly interesting so stay tuned for those.

Twitter: @bo_ogunlana if you want to chat or just keep up to date

For more info on the upcoming Bitcoin fork, check out this awesome post from coinbase.

Thanks for reading, and remember to share!

Bo

Written by

Bo

Blockchain developer, engineer, entrepreneur.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade