The UTXO model
A technical cornerstone of Bitcoin

Bitcoin is based on the UTXO (unspent transaction output) model to ensure that nobody is able to spend money they don’t have and prevent money from being spent twice — so-called double-spending. In this article, you will learn how that works. Let’s go!
The Context
Bitcoin transactions are stored in blocks. Verifying the transactions is a crucial part of the security of Bitcoin. Another element of security is to make it computationally hard to add new blocks by adding a mathematical puzzle. In this article, you will learn how the transactions are actually validated.
If you want a longer introduction to Bitcoin / Blockchain, I’ve got you:
How Bitcoins are created
The first block of the blockchain is just defined in the code. All other blocks in bitcoin need to have a “proof of work”. This is a solution to an automatically generated mathematical puzzle that makes clever use of hash functions. Solving this hash puzzle is computationally intensive. This means you need to have good hardware and invest a lot of time and electricity to solve it. People wouldn’t do that just for fun on the current scale. They do it, because of the mining reward. This reward is given to every solved hash puzzle.
Halving
When Bitcoin started in 2009, the mining reward was 50 Bitcoin (BTC). In 2012, the reward was halved to 25 Bitcoin. In 2016 the mining reward was halved to 12.5 BTC. The last halving was in 2020 to 6.25 BTC.
Halving happens after 210,000 mined bitcoins. It is a mechanism to keep the total supply of bitcoins in check. The maximum possible amount of Bitcoins is 21 million. Then, miners will not receive a reward anymore. They will need to use transaction fees then — which they already do.
Keys and Addresses
Bitcoin makes use of ECDSA. Blair Marshall has written a nice article about it:
The gist of it is that people have a private and a public key. The public key can be known to everybody, but the private key must be kept private. The owner of the private key can approve a transaction by a digital signature. This signature is an algorithm that makes use of the private key in a similar way to a signature: It is easy to tell that the owner has created it and (in contrast to real signatures) it is practically impossible to forge the signature.
The Bitcoin address is generated from the public key by applying the SHA256 and RIPEMD-160 hash functions (source).
The reason for not using the public key directly is to have a second layer of defense (security in-depth). Even if the ECDSA algorithm would get broken (or, more likely, an implementation flaw would be found) the attacker would still need to figure out how to undo the hashing. It is highly unlikely that both happen around the same time.
The Anatomy of a Transaction
You can go to the block explorer and actually have a look at any block. Taking the linked example, you might see many lines like this:

In this example, you see two input addresses and over 228 output addresses. When you scroll down a bit, you can see the inputs:

Here you can see the ECDSA signature of input 1:
3044022059f56d87541691ff224e4c9941435dfb8780522d043f823a8ced...a01
And the public key of input 1:
038836175234670ee4c53943900615248f4a007b002b3c91c84c3edae009b9af3b
The same goes for input 2.
However, this is quite different from the raw JSON transaction:

I will come to the inputs and outputs, but let’s first discuss the remaining attributes:
- Ver is the version of the transaction format. I couldn’t find a good source for that, but in general, it’s a good idea and common practice to version protocols and exchange formats.
- Block height was added with BIP 34 and is essentially the block number in the current blockchain.
- Relayed by, according to sheinix article Understanding some Bitcoin Metrix “indicates the mining pool that has solved the Proof of Work”. I don’t understand what this is good for.
- Weight is a concept I’ve first seen with Segwit. Please have a look at this video by 99Bitcoin.com for details. The weight is similar to the size of the transaction.
Now, if you look at the input you can see the previous output and script
. I will explain that in a separate article — stay tuned 😁
The transaction output has an address and an output. So far, so clear. For the rest, let me update this article in a few days (or add another article).
Inputs and Outputs
It sounds crazy but imagine real coins. In a transaction with real coins, the receiver(s) get as many coins as the sender(s) put into the transaction. No coin is lost. Coins are created during mining in a controlled way and in a limited amount. After that, they are assigned to a Bitcoin address.
This is the core of the UTXO model. You have a bunch of input Bitcoin addresses and a bunch of output Bitcoin addresses.

Everybody can verify which address has how many Bitcoins in it by getting the whole blockchain. Hence tracking every bitcoin since the beginning.
Join Coinmonks Telegram group and learn about crypto trading and investing
Also, Read
- What is a Flash loan?
- The Best Crypto Trading Bot | Grid Trading
- 3Commas Review | Pionex Review | Coinrule review
- AAX Exchange Review | Deribit Review |FTX Exchange Review
- NGRAVE ZERO review | Phemex Review | PrimeXBT Review
- Bybit Exchange Review | Bityard Review | CoinSpot Review
- 3Commas vs Cryptohopper | Earn crypto interest
- The Best Bitcoin Hardware wallet | BitBox02 Review
- Ledger vs Ngrave | Ledger nano s vs x
- Crypto Copy Trading Platforms | Bityard copy trading
- Vauld Review | YouHodler Review | BlockFi Review
- The Best Crypto Tax Software | CoinTracking Review
- Best Crypto Lending Platforms | Leveraged Token
- Ledger Nano S vs Trezor one vs Trezor T vs Ledger Nano X
- BlockFi vs Celsius | Hodlnaut Review
- Bitsgap review | Quadency Review
- Ellipal Titan Review | SecuX Stone Review
- DEX Explorer | Blockchain APIs | LocalBitcoins Review
- Best Blockchain Analysis Tools | Earn Bitcoin
- Crypto arbitrage guide: How to make money as a beginner
- Best Crypto Charting Tool | Best Crypto Exchange
- What are the best books to learn about Bitcoin?
