Bitcoin Under The Hood: How Blockchain Actually Works

A holistic explanation of the technology behind Bitcoin. Made for beginners.

Our Blog’s Mission

Welcome to Illini Blockchain’s first blog post! Illini Blockchain is a curiosity-driven club whose mission is to learn about and get involved in the blockchain ecosystem. We also want to bring others along for the ride! That’s where blog posts like these come in. We ingest all of the information about a topic, cut the fat, and provide you with an ingestible post covering the important information. We want our posts to be simple enough for a novice to understand, yet in-depth enough to leave that novice with a well-rounded understanding of that post’s topic. If a 10 is an expert on the subject and a 0 knows nothing, a successful post will take people from a 0 to about a 5.

In this post we cover Satoshi Nakamoto’s invention Bitcoin, which pioneered the first blockchain technology. Many people have heard of Bitcoin, but most don’t understand it. In this post, we will take a look behind the curtain and teach you why it’s significant and how it really works. We will explain the fundamental problem it solves and take you through the life of a Bitcoin transaction. By the end of this post, you will be an armchair expert on Bitcoin!

The Problem Bitcoin Solves

Trust & Money

Before talking about what Bitcoin is and what it solves, here’s a brief primer on money used today and why it works (for now). For any currency to be used, it needs to be built on trust. Now, there’s a few questions that may come from that… What is trust? Why does currency need trust? How is trust gained? Trust for a currency means that the people and organizations who use the currency trust and believe that it has value. Currencies need this trust since value is being transferred from person to person, and value can be arbitrary from person to person. So, a currency can be used as an agreement on that exchange of common value. This is why currencies need to have trust — if people didn’t agree on value or didn’t trust the currency, people wouldn’t accept it for exchange and the currency would be worthless. So, where does a currency’s trust come from, how does everyone agree on it? Today, trust comes from a central authority -namely governments- who control issuing and maintaining the supply of their currency. People trust that their central authority won’t tamper the currency in a harmful way. For example, recklessly printing money and devaluing the currency. People trust a currency if they trust the central authority that controls that currency. And, the more people that trust the currency, the more valuable that currency becomes (ex: a lot of people trust the US dollar and it is valuable as a result). The inherent value of money comes from how many people trust it.

What Does Bitcoin Do To Help?

Now that trust has been defined, what does Bitcoin solve in the process? Well, Bitcoin is often referred to as a trustless currency system. I know what you’re thinking… “didn’t you just tell me currencies need trust???” Yes! Bitcoin isn’t technically “trustless”, instead Bitcoin is an open system which allows anyone to participate and ensure the currency is being used properly. So, trust is placed in how the network works rather than in a central authority. Rather than people relying on a third party to ensure trust, they can rely on code. Code that is proven to work and will not change under any circumstances. Essentially, Bitcoin functions by using algorithms running on many computers as a network to issue and verify transactions of currency. You may be thinking, “that’s a really awesome and concise explanation. Can we get that in English please??” Don’t worry, we will be spending the entire article explaining this phrase. For now, you should know that anybody is able to take part in the network, not just a central authority, which is what makes it decentralized! But, why is this beneficial?

The Issue of Power

Earlier, you saw that there is trust placed in maintaining the value of the currency, and that money won’t be printed unnecessarily. However, history shows that trust is often broken, leading to issues like hyperinflation or gatekeeping the financial system to marginalize certain communities and reinforce biases (Ex: 1960s banks refusing to issue homeowner’s loans to thousands of minority couples in city suburbs). The issue with placing trust across many people in a centralized authority is a problem of power. Since they have all this trust from people, they are able to easily control or manipulate that trust for their own benefit.

By having a decentralized system, no single entity is able to control the currency and every person can see and verify what’s going on within the network. Bitcoin’s underlying technology, blockchain, is what makes this all possible. Blockchain networks remove this centralization of trust and tear down the traditional walls of power by weaving trust into its software and keeping that code open and accessible. So, how does it work?

Creating An Account

What’s In Your Crypto Wallet?

The first step in this process is to create a crypto wallet so that you can send and receive Bitcoin. There are wallets for each blockchain network (Bitcoin, Ethereum, etc) that hold that network’s native cryptocurrency. There are also different levels of how you interface with your wallet — hosted, non-custodial, and hardware — which vary in security and ease of use. Check out this article for an explanation. When you interact with a wallet, it may look like your Venmo where you can see, send, and receive payments. But, what’s special about a wallet is what goes on under the hood.

For now, we will focus on a Bitcoin wallet: what it is and why it is important. A crypto wallet is like a real life wallet that has cash and an ID. Similar to your real wallet’s cash, this crypto wallet holds your Bitcoin (BTC). You are essentially your own bank, meaning you manage and secure your own funds. When you deposit into a bank, you trust the government and bank to keep it safe. However, a crypto wallet gives you full control, access, and responsibility of managing your own funds. So, when you see 1 BTC in your Bitcoin wallet, you can be sure that your 1 BTC is not being used anywhere else.

In addition, your crypto wallet uses a private and public key to identify you, just like a driver’s license in your real life wallet. Every wallet has a unique public and private key, which are automatically assigned when the wallet is created. They both play important roles in making up what a wallet really is and what it can do. First, let’s talk about digital signatures.

Digital Signatures

Like real signatures, the idea here is that you should be able to add something to a transaction that you have seen and approve of it. And, it should be infeasible for anyone else to forge that signature. In real life, your signature looks similar every time you sign something. Digital signatures, however, are much stronger because they combine your private key to each unique transaction.

The Public Key/Private Key Pair

Your public key functions as both your address and username. It is an address for you to send/receive Bitcoin. When I want to send someone 1 BTC, I would type their public key (and confirm it with my private key) and it would be sent to them. Your public key is also your username that people can see when you make transactions. The private key, on the other hand, is essentially a super-secret password that is so long and random that it is nearly impossible to guess. It’s like a PIN on steroids. With a typical 4-digit PIN, there are 10,000 possible combinations. A private key, on the other hand, has 2^256 possible combinations. That is an unfathomably large amount. To give you a picture, there are about 10^77 possible combinations. The universe is estimated to contain 10^80 atoms. What this means for us is that when you enter your private key to sign off on a transaction, it could only realistically be you (or someone you told the password to). Thus, making it a much more secure verification process.

And, you need your private key for every transaction you make on the blockchain. Why? Because the private key is how you sign transactions. To make each signature unique, it takes into account the transaction message it is signing off on. The message contains the: time, amount, sender, and recipient. So, each time you sign, the signature looks a little different. You can think of producing a signature as a function that looks like this: Sign(Message, private key) = Signature. The private key ensures that only you can produce that signature. And, the message means that no one can just copy one of your signatures and copy it onto another transaction.

The Sign function goes hand in hand with a second function used to verify that a signature is valid. This is where the public key comes into play. This function will output true or false if this is a signature produced by the private key that your public key is paired with. It looks something like this: Verify(Message, Signature, public key) = T/F.

These functions are confusing if you take it a step further. The general idea is that it should be completely infeasible to find a valid signature if you don’t know the private key associated with it.

Keep It Hidden

You need both your public and private key to access and use your crypto assets in your wallet. It is also the ONLY way to access and use your wallet (this can depend on the type of interface you use to access your wallet). The good news is a public key cannot really get lost because you can find it in your transaction history. The private key, however, is unique to you. If someone has access to your private key, they can access your wallet, act as you, and do whatever they want with your assets. On top of that, if you lose your private key, there is no “forgot your password” button to reset it. Once you forget your private key, there is no way to access your wallet. So, KEEP YOUR PRIVATE KEY SECRET & DO NOT LOSE IT.

Transactions

Now that we have our ever-important public key and private key, let’s make a transaction. To make a transaction, we need to know how much Bitcoin we want to send and where to send it. So, we need the amount you want to pay and the recipient’s public key.

Then, you need to verify that you approve of this transaction. In normal payments, you may verify a purchase by putting in your PIN or zip code. In Bitcoin, verification is MUCH more secure than that. You sign off on the transaction with your private key. As stated before, your private key is SUPER secret and way harder to guess.

Once you have digitally signed the transaction, that transaction is publicly broadcasted to the network. Ex: this public key wants to send this amount of BTC to another other public key.

Block Verification/Proof of Work

Before going into proof of work, let’s clarify what the network is actually run on.

Nodes/Miners & Freshly Minted Bitcoin

A node (aka a miner) is the computer that the blockchain network is run on. They “mine” for Bitcoin by using their computing power to verify transactions. They get rewarded with a payment of freshly minted Bitcoin. This is how new Bitcoin is circulated into the economy.

SIDE NOTE: One of the main characteristics of Bitcoin is its limited supply. Other forms of money can be printed at will by central banks — i.e. they have unlimited supply. Satoshi Nakamoto capped the number of BTC at 21 million. There are just under 19 million BTC in circulation as of writing this. As BTC approaches its cap, miners receive less and less incentive. As a result, miners spend more energy for less BTC. In addition, the supply limitation makes Bitcoin scarce and controls inflation. As Bitcoin reaches its cap, its economics will alter. The incentives for miners and traders will change. The way the network is used may also transform. However, given cryptocurrency’s relatively underdeveloped ecosystem, it is difficult to predict the effect of Bitcoin reaching its capped supply.

OK, now what are the miners actually doing with that computing power?

Listening For Transactions & Clarifying Disagreements

At this point, nodes (aka miners) are just listening for transactions. We have verified that those transactions are valid — that money is truthfully coming from the wallet they say it’s coming from, and that that wallet has the money to send — but this hasn’t yet solved the problem of disagreement on the order of transactions.

The Problem of Double Spending

For our system to work, we need everyone to be on the same page on how much money everyone has. Otherwise, someone could spend money that they do not have. Because of this, transactions are not just accepted instantly. What if I wanted to double spend my money? Let’s say I have 1 BTC in my wallet, and I broadcast one transaction saying I pay Dave 1 BTC, and another saying I pay Kenny 1 BTC. Because communication between computers is not instant and time of communication can vary, the two transactions may arrive in one order for one node, and another order for another node. In the Bitcoin protocol, we don’t have a way of verifying that the timestamp of the transaction is truthful, so without some system of consensus, some nodes would say Dave has 1 BTC and others would say he doesn’t. If we didn’t address this difference, it would have effectively spent the same coin twice. This is what people typically refer to when they talk about double spending.

The Solution To Double Spending

So, to have our system of decentralized currency actually work, we need a system/protocol to make sure everyone is on the same page in terms of the order of transactions. The following is Bitcoin’s system:

1. People broadcast transactions.
2. Nodes hear transactions. REMEMBER: Nodes could hear the same broadcasted transaction at different times according to how transaction data is distributed throughout the network.
3. Nodes place ~1500 transactions in a block. The first transaction is their reward of a small amount of Bitcoin (which they will only get if their block gets added to the chain).
4. Nodes guess and check for valid nonces into a hash function for their block. This takes about 10 minutes.
5. Only with the right nonce will others accept the node.

Let’s unpack that fourth step.

The Process

Each block has two important characteristics: its transaction data & the previous block’s hash. These are two of the inputs that get plugged into the hash function. The third is a nonce. The nonce is the variable that the miner can change. They plug all three of these variables into a hash function with the hope of receiving a desired output. If you drew an over-simplified version of the process, it would look something like this:

There’s a bit to unpack here.

Wait, What Is A Hash Function?

A hash function is like a magic box. You enter an input and receive an output that is unique to that input. In addition, it is so cryptographically secure that it is practically impossible to reverse engineer. The output is seemingly random and can change drastically if one small aspect of the input is changed. So, we call the hash function a “one-way” function. This is what makes hash functions so valuable. The only way to get your desired output (aka that input’s “hash”) is to guess and check until you get it.

In addition, all hash functions have “fixed-bit outputs”. The “fixed” part means that the output has the same number of digit spaces every time you run it. The output length doesn’t change. And, each of those spaces is filled by “bits”. Bits are either 1s or 0s. So, a “fixed bit output” is just a predetermined number of slots filled by 1s and 0s. Bitcoin uses the SHA-256 hash function. The SHA-256 function has 256 bits. This means that there are 2^256 unique outputs. As we said earlier, that is a massive number. The number of potential outputs in addition to the “one way” quality makes SHA-256 incredibly secure. In fact, it is used in the security for Google Chrome and MacBooks. So, if someone manages to crack the SHA-256 code, your Bitcoin will be one of the least of your worries. Okay, this makes sense…but what does it actually look like? I just so happened to have drawn out 256 1s and 0s, so I’m glad you asked.

Here is an example of what the SHA-256 function does:

What if we changed the input to be a little bit cooler?

Clearly, the output can change significantly with a small input change. So, if I wanted to change a transaction from 1 BTC to 10 BTC, the resulting hash would change significantly. SHA-256’s highly-sensitive and seeming randomness is fundamental to its security.

Now that we understand the key characteristics of a hash function. Let’s move onto the “guess and check for a valid nonce” part of the fourth step.

What Is A Nonce? What Makes A Nonce Valid?

Don’t be intimidated. “Nonce” is just the fancy computer science term for a random number. For Bitcoin, the ideal output has a certain amount of 0s at the beginning that you want to get. But, since SHA-256 is a one-way function you have to try random numbers (aka nonces) until you get a hash with that number of 0s. A valid nonce is the magic key to validating a block. If the nonce they guess is not valid, they simply guess another number. REMEMBER: each hash output seems random. So, miners are basically throwing darts (aka nonces) in the dark and praying for a bullseye (aka the desired output). So what is the desired output?

10 Minutes

The block is solved if its hash has a number n consecutive “0” bits starting from the beginning of the hash. Why n bits instead of just a regular number like 30? Well, Satoshi Nakamoto wanted the amount of time it takes for the network of computers to guess the correct nonce to be ~10 minutes long. If you had a fixed number of required consecutive 0s, the amount of miners on the network would change the average time it takes to solve a block. The more miners guessing for valid nonces, the less time it would take to find the correct nonce. The Bitcoin protocol accounts for this, and adjusts n to increase or decrease depending on how many nodes are mining on the network. So, as the network scales, the time it takes to find a block is still approximately 10 minutes.

SIDE NOTE: You may be wondering why 10 minutes? Well, there is a tradeoff between when the first miner solves the block and when the other miners find out about it. The decision of 10 minutes was made assuming it will take 1 minute for any new block to reach every node in the network. This means that after one node finds a solution, for about a minute, the rest of the nodes are doing “useless” work, trying to find a solution that has already been found. The inventors of Bitcoin decided not to waste more than 10% of the network’s resources doing useless work. Hence, the 10 minute block time. If they had been OK with wasting 20%, they could have made the difficulty 5 minutes. The 10-minute block verification time also has present-day implications. Slower block verification times means that the network cannot process transactions very quickly. Bitcoin can process 7 transactions per second (TPS). To give some context, VISA handles about 1,700 TPS. The scalability and speed of transactions is a HUGE barrier current blockchain technologies need to solve if they want to be widely adopted.

Recap: Why Are The Inputs To The Hash Important?

Input: transaction data, previous block’s hash, & nonce

Output: 256 1s/0s

Desired output: 256 1s/0s with n consecutive 0s in the beginning

Transaction data is important because it makes the nonce specific to our block of transactions. This means you can’t just copy and paste one nonce to another.

Because the previous block’s hash is part of the input, the nonce we find is going to be specific to the previous block. The block we create is tied to the previous block. So, to change any block, it would require finding new nonces for all blocks that come after. This is why it’s called a blockchain. All blocks are chained together through their hashes.

The nonce is the variable that the nodes can change in order to find the correct hash.

So, now we know this:

Bad Actors and A 51% Attack

You may be thinking: “there is no way that this technology is impossible to hack.” Fair enough. Let’s say you are a bad actor and want to change the transaction of a previous block to give you $1,000,000 BTC. If you want to change a previous block’s transactions, you would need to re-solve its hash. REMEMBER: because the input data is different, the hash will also be different. Since blocks are tied to one another using the previous block’s hash, you would then need to solve the hash of the following block. And the following block. And every other block until you get caught up to speed. Finally, you would need to surpass the work of the honest nodes. This is practically impossible unless you have power over 51% of the nodes on the network. So, unless someone manages to amass 51% of the computing power on the entire network, the network is safe.

Choosing The Longest Chain

If there are bad nodes trying to take over a network with a fraudulent chain that competes with the original chain, how do honest nodes know which chain to add blocks to? Keep in mind, these are computers which cannot distinguish between a good or bad node. They need a protocol to follow that ensures that they are choosing the correct chain. Computers choose the longest chain. Why? As time goes on, it becomes exponentially more difficult for a group with fewer nodes to contribute blocks at the same rate as the larger group of nodes. As long as at least 51% of the nodes are acting honestly, this protocol works. Hence, the importance of having control over 51% of nodes to attack the network. So, the longest known chain is bound to be the one with the most people and therefore the most consensus. As a result, the longest chain is the most trustworthy chain.

At all times, there can be multiple competing chains. As nodes hear new blocks broadcasted, they may request from other nodes to send them copies of their chains so that they are up to date with the latest data. As honest nodes, we want to accept and work off of the chain with the most consensus. Given what we know, when confronted by conflicting chains, we can choose the longest. This works because, as mentioned before, creating a consistent, valid sequence of hashes (representing blocks) is extremely difficult, so the longer the chain, the more likely it is that the chain is trustworthy. If they’re about the same length, all we have to do is listen for blocks, and when one grows significantly faster than the other, we can be confident it is the chain with the most people on it.

Blockchain Is Here To Stay

Satoshi Nakamoto figured out how to ensure trust in a transaction between strangers. Satoshi did this with the intention of creating the digital currency that is Bitcoin. However, Bitcoin is somewhat crude in its functionality and is not very scalable or sustainable. The underlying technology, blockchain, is what makes it revolutionary.

Blockchain extends the superpowers of the internet. The internet in its first stage gives us incredible communication power with things like real-time video. With blockchain, the internet becomes a trust platform. This is important because trust is everywhere in society. Currently, trust is ensured through big companies and legal contracts, which is inefficient and comes with a handful of downfalls. With blockchain, we have an opportunity to weave trust into the fabric of the internet. This opens up all sorts of exciting innovations.

Blockchain allows technology to play by fundamentally different sets of rules. With blockchain technologies, we can have: less inequality, more security, more communal trust, more availability, less costs, and more privacy in any type of transaction (from monetary purchases to voting ballots to contracts). Right now, a lot of innovation has come through decentralized finance or “DeFi’’. DeFi companies are attempting to replicate the functions of a bank (like lending, exchange, and spending) while omitting the downfalls that come with central authority (like bias and corruption).

Right now, the blockchain industry is like the Internet in the 90s. It is impossible to know who or what will come out on top. But, with knowledge of its fundamental principles, we know that blockchain is on a rocketship towards changing the way we live our lives. And it’s not just us, the biggest companies and organizations in the world, from Tesla to the United States Government, are investing resources to determine its current applications and future implications. We are in the early stages of a revolution on how people interact online.

Written by: Luke Clancy, Zayyan Faizal, Alec Chen, Danny Koch, & Adrian Petrykiw

Thanks to all of our friends who served as our reading guinea pigs.

Resources We Used

1. What is a blockchain? — Whiteboard Crypto: This served as our primer into the blockchain space. It uses very simple analogies and explains the fundamentals of blockchain. This is like standing in the shallow end and getting a feel for the water temperature and learning a little about what it feels like to be in water. Similar to how standing in water doesn’t teach you how to swim, watching this oversimplified video does not teach you how blockchain works.
2. “How does Bitcoin actually work? — 3 blue 1 brown: This video does a great job of thoroughly explaining how blockchain works. The video format also helps with visualizing what is really happening.
3. Bitcoin Whitepaper: Once we had a decent understanding of how Bitcoin and its underlying technology, blockchain, works, we took on the final boss. This whitepaper is very clear and concise. However, it can be intimidating and confusing if you start off with it. It casually uses phrases like “digital signature” and “peer-to-peer” which can make the whitepaper much more confusing to follow if you do not understand what these words really mean. But, it is a must-read for learning about blockchain.