How to destroy bitcoins?

We know how bitcoins are created, but how can they be destroyed?

Burning bitcoins is making them unspendable. This can have several uses, such as bootstraping another crypto-currency (like Counterparty did) or raising (negligibly) the value of the remaining bitcoins by reducing the number of spendable ones. This article will describe three ways that can be used to burn bitcoins.


The simple way

Sending bitcoins to a bogus address (an address with no known private key) is an easy way to burn bitcoins. Fortunately, Bitcoin users have very very little chance to unwillingly burn Bitcoins this way as a 4 bytes checksum is present in its string representation hence preventing typos (a complete guide to how Bitcoin addresses are created is available on the bitcoin wiki).

That’s why creating a bogus Bitcoin address requires more effort than just smashing a keyboard. In order to create one, its underlying hash160 is used as it can have any value and this value directly translates into the first characters of the address (the last ones represent the checksum).

Known examples of bogus addresses are:

While sending bitcoins to such an address is a pretty sure way to burn them, it is not a provably definitive one as a private key for this address could exist (however finding out if it exists would require way more energy than our solar system could produce during its lifetime).


The meaningful way

For a very long time, Bitcoin users have been including data in the blockchain whether it is to prove document ownership or identity, to secure contracts or to represent real world assets on the blockchain.

In 2013, an easy way to add data to any Bitcoin transaction was introduced. By making standard a previously invalid script instruction, OP_RETURN, a Bitcoin user could add up to 40 bytes of data to his transactions.

Before the standardization this new output type, including data in the blockchain was not a straightforward task and involved using numerous bogus addresses to encode arbitrary data. The introduction this new output type made it easier and allowed Bitcoin nodes to prune this kind of outputs from their memory as they cannot be spent thereby limiting what developers called blockchain bloat.

Since its introduction, more than 3.66 BTC have been spent in OP_RETURN outputs and the number of these outputs keeps growing, reflecting a move toward a more diverse use of the blockchain.


The definitive way

While the previous methods are effective, they do not really destroy bitcoins. You can still see them in the blockchain, it’s just that no one can spend them. However, there’s a way to effectively destroy bitcoins by removing them from the blockchain.

When I was building the new version of p2sh.info, I made sure that I had not missed any transaction data so that the database was consistent. As a part of this process, I computed the number of existing bitcoins as the sum of bitcoins held in unspent, but confirmed, outputs. If everything is right, this sum should add up to the number of bitcoins in existence (and this number can be computed only by knowing the number of blocks in the main chain of the blockchain).

However, I found out that 10.19768818 BTC were missing… At first, I thought I had missed some transactions or that there was a bug in my code. Upon further inspection, I found out that I was right: 1031 blocks did not redeem all of the block reward they were entitled to. The block reward is the combination of the generated coins (50BTC at the beginning of Bitcoin, halving every 210,000 blocks) and the fees contained in the block’s transactions.

These discrepancies may be due to the fact that miners missed some transactions’ fees or that a superfluous transaction fee was paid for the coinbase transaction itself and not included in the miner’s transaction output value or it may even be intentional, who knows.

The first of these blocks dates back to May 18th, 2011 and the last one occured on August 15th, 2015 (it had only 1 satoshi missing and was apparently mined using CoiniumServ). The majority of these blocks was mined between January 2012 and March 2013.

Several pools mined blocks not claiming all of the block reward. According to Blocktrail API, EclipseMC and Eligius were those that mined more than half of these blocks. What’s interesting to notice is that these two pools started mining them at the same time, suggesting they may have been using the same pool software. However, EclipseMC stopped mining them in September 2012 while Eligius didn’t (they stopped in January 2013) suggesting a split in pool software at that time. Other pools, like Slush, P2Pool, also mined such blocks, but only a few ones.

These missing bitcoins are definitively lost. Sending bitcoins to bogus addresses or spending them in unspendable outputs does not make them disappear, you can still see them in the blockchain. Not redeeming all the block reward makes bitcoins really disappear: there is no way to see them in the blockchain. Looking at the bitcoind source, the only check on the block reward’s value is that it does not exceed its maximum value, thus it seems that you could even destroy all of the block reward, including generated coins, this way.


Conclusion

There’s more ways to burn bitcoins (for example by using invalid non standard scripts) but the most common ones are using bogus addresses and OP_RETURN scripts. While it’s only speculation from my part, I found it very interesting to be able to see which pools used common software only by looking at the blockchain.