Why Bitcoin Works: For the New People

Block Digest Mempool - Medium

This isn’t for Bitcoiners, this is for new people. I tried to boil down a comprehensive breakdown of Bitcoin/blockchains (and why they aren’t magic cloud databases) that should be digestible to relatively technical newcomers. Bookmark it to pass around as you need.

Bitcoin (and blockchains in general) is a very counterintuitive concept at its core, even for people otherwise familiar with distributed systems. In order to truly grok how these systems work, one thing must be understood above all else: these things are just databases. They are databases with special cryptographic properties, but they are still just databases, 1s and 0s on a hard drive somewhere that people read from and write to. Either you have a copy of that database, or you trust someone else to maintain a copy of the database and allow you to read from and write to it.

The Crypto

Now to move on to the special cryptographic properties used by blockchains: the first important piece to understand is a hash function.

A hash function takes an arbitrarily sized piece of data and runs it through a mathematical function that outputs a fixed-size piece of data (32 bytes for SHA-256, the function Bitcoin uses) that is, for all practical purposes, unique to the input. Flip a single bit of the input and the output changes completely and unpredictably.

For instance inputting the previous sentence into this hash generator website produces the following hash:

2DDB0E661B57AA748E291880C0400E072EEB24798FE73CE2F761CC14858A6A8F

That hash is a fingerprint of the sentence that created it. Finding any other input that produces the same hash is computationally infeasible, and so is working backwards from the hash to recover the input; the only way to confirm what produced a hash is to already have the input and hash it yourself. This is one of the fundamental building blocks used to provide the special cryptographic properties of a blockchain.

The structure of a merkle tree.

The next important piece of cryptography is a merkle tree. This is a data structure that uses hashes of individual pieces of data to build a single aggregate hash that commits to all of them. The entity building the merkle tree takes each individual piece of data (in this case, the individual transactions in a block) and hashes it. From there, each pair of hashes is concatenated and hashed together (if there is an odd number of hashes at any level, the odd hash out is hashed with a duplicate of itself), and so on until you are left with a single hash, the merkle root. Think of it like a pyramid where each level toward the top has half the hashes of the one below it. Changing a single bit in a single transaction alters the hash at every point on that transaction’s path up the tree, all the way to the root, so the root commits to the exact set of transactions and cannot stay the same while any of them changes. It also lets any one piece of data be proven to be part of the root using only the data itself plus the sibling hashes along its path up the tree (a merkle inclusion proof). This inclusion proof alone provides no guarantee about the validity of the things included in the tree (a transaction spending coins without valid signatures, or creating coins out of thin air, would be committed to just the same); it only proves that the item was present when the tree was built.
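The tree described above, as an added example that is not code from the original post. It builds the root the way Bitcoin does (double SHA-256 over each concatenated pair, odd hash duplicated), produces the inclusion proof for one leaf, and verifies it. The three "transactions" are constructed stand-in byte strings, not real chain data; Bitcoin’s real leaves are txids, which are the double SHA-256 of the serialized transaction.

```python
import hashlib


def sha256d(data: bytes) -> bytes:
    """Bitcoin's hash function: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def _next_level(level: list) -> list:
    """One step up the pyramid: pair hashes left to right and hash each pair.
    An odd hash out is paired with a copy of itself, as Bitcoin does."""
    if len(level) % 2 == 1:
        level = level + [level[-1]]
    return [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(leaves: list) -> bytes:
    """Fold a list of leaf hashes up to the single root hash."""
    if not leaves:
        raise ValueError("a block always has at least one transaction (the coinbase)")
    level = list(leaves)
    while len(level) > 1:
        level = _next_level(level)
    return level[0]  # a single-transaction block's root is just that txid


def merkle_proof(leaves: list, index: int) -> list:
    """Sibling hashes along the path from leaf `index` to the root, each tagged
    with whether it sits to the left of the path. This is all a verifier needs."""
    proof = []
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2 == 1:
            level = level + [level[-1]]
        sibling = index ^ 1  # the partner in this level's pair
        proof.append((level[sibling], sibling < index))
        level = _next_level(level)
        index //= 2
    return proof


def verify_proof(leaf: bytes, proof: list, root: bytes) -> bool:
    """Recompute the path from `leaf` up to the root and compare."""
    h = leaf
    for sibling, sibling_is_left in proof:
        h = sha256d(sibling + h) if sibling_is_left else sha256d(h + sibling)
    return h == root


# Constructed sample data (not real transactions): three stand-in "transactions".
TXS = [b"coinbase: 50 BTC to miner", b"alice -> bob: 1 BTC", b"bob -> carol: 0.5 BTC"]
LEAVES = [sha256d(tx) for tx in TXS]
ROOT = merkle_root(LEAVES)

if __name__ == "__main__":
    proof = merkle_proof(LEAVES, 2)
    print("root:", ROOT.hex())
    print("leaf 2 included:", verify_proof(LEAVES[2], proof, ROOT))
    # The same proof does not vouch for a tampered transaction.
    print("tampered leaf included:", verify_proof(sha256d(b"bob -> carol: 5 BTC"), proof, ROOT))
```

The proof proves only membership: it says nothing about whether "bob -> carol: 0.5 BTC" was actually authorized or whether bob ever had the coins.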

The parts of a block header.

Each update to the blockchain database is a discrete “block.” This leads us into the “block header”, which also makes use of hashes. The block header is an 80 byte piece of data made up of the six fields shown above: Version (4 bytes), Previous Block Hash (32 bytes), Merkle Root (32 bytes), Timestamp (4 bytes), Difficulty Target (4 bytes) and Nonce (4 bytes). Notice the Merkle Root? That is the top hash of the tree of all transactions in the block. The Version field is simply relevant to upgrades and we will gloss over it in a high level view like this. The Previous Block Hash is the hash of the block header of the prior block in the blockchain; it is what links the blocks into a chain. The Timestamp is the time and date in UNIX timestamp format. The Difficulty Target is one of the parts of the header related to bitcoin mining. If you remember from above, the hash of the sentence in the hashing example was:

2DDB0E661B57AA748E291880C0400E072EEB24798FE73CE2F761CC14858A6A8F

The Difficulty Target in Bitcoin is, roughly, a requirement that the hash of the block header start with a certain number of zeroes. (More precisely, the hash is read as a 256-bit integer and must be less than or equal to a target number; a smaller target means more leading zero bits are needed, and the 4 byte header field is a compact encoding of that target.) Now if we pretend the sentence used to get that hash was a block, clearly it has no zeroes on the front, so it is useless as a block. Imagine if I added the number 1 at the end of the sentence, changed it to 2 if the hash didn’t have enough zeroes, then 3, and so on. That is what the Nonce is for. If you make a merkle tree of transactions and put its root hash in the block header, and the hash does not have enough leading zeroes to meet the Difficulty Target, you can change the Nonce and hash again. (The Nonce is only 4 bytes, so a miner that exhausts it also changes the Timestamp or the contents of its own transaction, which changes the Merkle Root, and starts over.) Everyone on the network keeps track of the difficulty (and checks that each new block meets the Difficulty Target), and miners compete to make a block with enough leading zeroes to be valid. Every 2016 blocks (approximately two weeks) the network difficulty changes to try to keep the time between blocks at 10 minutes on average. The Bitcoin software compares how long the last 2016 blocks actually took, based on their Timestamps, with the 20160 minutes they should have taken, and scales the target accordingly (the adjustment is capped at a factor of four in either direction per period).

This is essentially what a blockchain is: a chain of block headers, each naming the hash of the one before it, each meeting the network difficulty requirement in force at the time, and each carrying a Timestamp from which anyone can verify that all the regular changes to the Difficulty Target were made correctly to target 10 minute blocks (at least in Bitcoin’s case, other blockchains can target arbitrary intervals).
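The header, target and retargeting just described, as an added example that is not code from the original post. It packs the six fields into the 80 bytes, decodes the compact target, checks proof of work, grinds a nonce against a deliberately easy target, and applies a simplified version of the 2016-block adjustment. The genesis block fields and hash are real chain data (Bitcoin block 0); the retarget function ignores a few details of the real rule (it scales by the window’s elapsed time with a 4x clamp and nothing else) and is labelled as such in the code.

```python
import hashlib
import struct

MAX_TARGET = 0xFFFF << 208          # easiest target Bitcoin allows; bits 0x1d00ffff
EXPECTED_TIMESPAN = 2016 * 10 * 60  # 2016 blocks at 10 minutes each, in seconds


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def bits_to_target(bits: int) -> int:
    """Decode the compact 'bits' field: 1-byte exponent, 3-byte mantissa (bit 23 is a sign flag)."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def serialize_header(version, prev_hash_hex, merkle_root_hex, timestamp, bits, nonce) -> bytes:
    """Pack the six fields into the 80-byte header. Hashes are displayed big-endian
    (as on block explorers) but stored little-endian, hence the [::-1]."""
    return (struct.pack("<I", version)
            + bytes.fromhex(prev_hash_hex)[::-1]
            + bytes.fromhex(merkle_root_hex)[::-1]
            + struct.pack("<III", timestamp, bits, nonce))


def header_hash_hex(header: bytes) -> str:
    """The block hash as displayed: double SHA-256 of the header, byte-reversed."""
    return sha256d(header)[::-1].hex()


def meets_target(header: bytes, target: int) -> bool:
    """Proof of work: the hash, read as a little-endian 256-bit integer, must not exceed the target."""
    return int.from_bytes(sha256d(header), "little") <= target


def grind_nonce(version, prev_hash_hex, merkle_root_hex, timestamp, bits, target, max_tries=1 << 20):
    """What a miner does: keep the first 76 bytes fixed and try nonces until the hash meets `target`.
    Returns (nonce, hash_hex), or None if max_tries nonces were exhausted."""
    prefix = serialize_header(version, prev_hash_hex, merkle_root_hex, timestamp, bits, 0)[:76]
    for nonce in range(max_tries):
        header = prefix + struct.pack("<I", nonce)
        if meets_target(header, target):
            return nonce, header_hash_hex(header)
    return None


def retarget(old_target: int, actual_timespan: int) -> int:
    """Simplified 2016-block adjustment: scale the target by how long the last window
    actually took versus the 20160 minutes expected, clamped to a factor of 4 either way."""
    actual_timespan = max(EXPECTED_TIMESPAN // 4, min(EXPECTED_TIMESPAN * 4, actual_timespan))
    return min(MAX_TARGET, old_target * actual_timespan // EXPECTED_TIMESPAN)


# Real data: the header fields of Bitcoin's genesis block (height 0).
GENESIS = dict(
    version=1,
    prev_hash_hex="00" * 32,
    merkle_root_hex="4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b",
    timestamp=1231006505,
    bits=0x1D00FFFF,
    nonce=2083236893,
)

if __name__ == "__main__":
    header = serialize_header(**GENESIS)
    print(header_hash_hex(header))  # 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f
    print(meets_target(header, bits_to_target(GENESIS["bits"])))  # True
    easy = 1 << 240  # far easier than mainnet: only 16 leading zero bits required
    print(grind_nonce(1, "00" * 32, GENESIS["merkle_root_hex"], GENESIS["timestamp"], 0x1D00FFFF, easy))
```

Bumping the genesis nonce by one produces a hash with no leading zeroes, which is the whole point: the only way to find a valid nonce is to try them.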

From here we go to the last piece of cryptography involved, digital signatures. If you want to take a deep dive through the mathematical side of things, there’s a link and have at it. If you don’t, I’m going to try to simplify it as much as possible just to contextualize it in the overall high level view of a blockchain. You generate a really big random number, which can be used with a mathematical function to derive another large number. So long as you keep the first number completely secret, you can share the second one with the whole world, because the derivation only runs one way: nobody can get the secret number back from the public one. Using the public number, anyone can verify a “signature” that you made with the secret number. This is accomplished with one protocol to generate signatures with the secret number, and a second protocol to verify them using the public one. The first takes the secret number and a message (a Bitcoin transaction) and, glossing over a lot of low level math details, combines a hash of the message with the secret number to get a signature. The second takes a signature produced by the first, the message, and the corresponding public number, and with a related mathematical operation verifies the signature could only have been made with the matching secret number, without ever revealing it. Because the signature covers the transaction, changing any part of it (say, where the coins go) invalidates the signature. This is what allows Bitcoin ownership to be enforced. Each transaction on Bitcoin’s blockchain is a set of inputs (existing coins) and outputs (coins created with the transaction), with a signature for every input to prove the spend is legitimately authorized. If you lose your private keys (the secret numbers) you lose your coins.

  • secret number = private key (keep secret)
  • public number = public key (share with the world)
  • signature = proof a private key signed a message, verifiable with public key

The Incentives

All transactions on the Bitcoin network consume “inputs” (unspent coins) and create outputs (the new unspent coins created when a transaction is confirmed). Miners are allowed to create one special transaction per block (the coinbase transaction) that brings new Bitcoin into circulation. (This is the last aside to say other systems can do other things; I am talking about Bitcoin from here on out.) In addition to claiming new coins brought into circulation, miners are allowed to claim fees from transactions for processing them. Fees are decided by the entity signing a transaction when it’s created. Each valid existing transaction input has a number of satoshis (the base unit of Bitcoin, one hundred millionth of a coin) associated with it. A transaction can create an arbitrary number of outputs with total satoshi value not exceeding that of its inputs. The difference between the input total and the output total is the transaction fee, which can be claimed by the miner of the block the transaction is contained in, in addition to the new coins brought into circulation. Miners thus fulfill the role of bringing new bitcoin into circulation at a cost, while also earning fees for processing transactions by including them in their blocks.

Running the hardware necessary to find valid block headers has the costs of the hardware itself and of the electricity needed to run it. The more people who operate mining hardware, the harder (and more expensive) mining bitcoins becomes in relation to how profitable it is. This is why people refer to Bitcoin as “immutable.” Every block that updates the database is part of a chain of hashes linked together with a provable cost to create each new link. That cost means that to go back and alter a prior block in the database, you have to redo the work for that block and for every block built on top of it, and then keep producing blocks faster than the rest of the network in order to overtake the chain everyone else is extending. Every person with a copy of the blockchain watching updates (other miners, users validating funds they receive, businesses, etc.) will always consider the version of the blockchain with the most cumulative “cost” sunk into it the valid state of the database, so long as every transaction in it follows the rules. A very short list of example rules (by no means comprehensive):

  • Miners cannot claim more coins than the current block subsidy (the new issuance per block) plus the fees from all transactions in the block.
  • A transaction is not valid without correct, verifiable signatures for every one of its inputs.
  • A block is not valid unless 100% of the transactions within it are valid (and no input is spent twice).
  • A block is invalid if it exceeds the block size limit (a cap on how big each database update can be).

With everyone watching and verifying, miners can only collect their revenue if they provide proof of incurred cost through a valid block header and follow all the rules of the blockchain. Only then will market participants consider a transaction as having occurred and honor the other side of the economic interaction.
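The input/output accounting and the rules in the list above, as an added example that is not code from the original post. It keeps a set of unspent outputs, applies one block to it, and rejects a block whose coinbase claims more than subsidy plus fees, whose transaction spends the same coin twice, or which exceeds the size limit. The 50 BTC subsidy halving every 210,000 blocks is Bitcoin’s real schedule; the 1 MB limit is the original rule (today’s limit is expressed in weight units); signatures are assumed to have been checked separately, since that is the previous example’s job. The transactions and the starting coin are constructed, not real chain data, and the `owner` string is a stand-in for the script that must be satisfied to spend an output.

```python
from dataclasses import dataclass

COIN = 100_000_000           # satoshis in one bitcoin
HALVING_INTERVAL = 210_000   # blocks between halvings of the block subsidy
MAX_BLOCK_BYTES = 1_000_000  # the original 1 MB block size limit (simplified)


@dataclass(frozen=True)
class Output:
    value: int   # satoshis
    owner: str   # stand-in for the locking script / public key that must sign to spend this


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple    # outpoints (txid, output index) being consumed; empty for the coinbase
    outputs: tuple   # Output objects being created


class ValidationError(Exception):
    pass


def block_subsidy(height: int) -> int:
    """New coins a miner may create at this height: 50 BTC, halving every 210,000 blocks."""
    halvings = height // HALVING_INTERVAL
    return (50 * COIN) >> halvings if halvings < 64 else 0


def apply_block(utxos: dict, txs: list, height: int, block_bytes: int) -> dict:
    """Apply a block to the UTXO set, enforcing the rules listed above except signatures
    (assumed checked separately). Raises ValidationError on the first violation and
    returns the new UTXO set on success; the caller's set is never modified."""
    if block_bytes > MAX_BLOCK_BYTES:
        raise ValidationError("block exceeds the size limit")
    if not txs or txs[0].inputs:
        raise ValidationError("first transaction must be the coinbase")
    state = dict(utxos)
    fees = 0
    for tx in txs[1:]:
        if not tx.inputs:
            raise ValidationError(f"{tx.txid}: only the coinbase may create coins from nothing")
        in_value = 0
        for outpoint in tx.inputs:
            if outpoint not in state:
                raise ValidationError(f"{tx.txid}: spends missing or already-spent output {outpoint}")
            in_value += state.pop(outpoint).value   # consumed; a second spend now fails above
        out_value = sum(o.value for o in tx.outputs)
        if out_value > in_value:
            raise ValidationError(f"{tx.txid}: outputs ({out_value}) exceed inputs ({in_value})")
        fees += in_value - out_value                 # whatever is left over is the fee
        for i, o in enumerate(tx.outputs):
            state[(tx.txid, i)] = o
    coinbase = txs[0]
    claimed = sum(o.value for o in coinbase.outputs)
    allowed = block_subsidy(height) + fees
    if claimed > allowed:
        raise ValidationError(f"coinbase claims {claimed} satoshis but only {allowed} are allowed")
    for i, o in enumerate(coinbase.outputs):
        state[(coinbase.txid, i)] = o
    return state


def block_is_valid(utxos: dict, txs: list, height: int, block_bytes: int) -> bool:
    try:
        apply_block(utxos, txs, height, block_bytes)
        return True
    except ValidationError:
        return False


# Constructed scenario (not real chain data): alice holds a single unspent 1 BTC output.
START = {("tx0", 0): Output(1 * COIN, "alice")}
PAY = Tx("tx1", inputs=(("tx0", 0),),
         outputs=(Output(60_000_000, "bob"), Output(39_990_000, "alice")))  # 10,000 sat left as fee
HONEST_COINBASE = Tx("cb", inputs=(), outputs=(Output(50 * COIN + 10_000, "miner"),))
GREEDY_COINBASE = Tx("cb", inputs=(), outputs=(Output(50 * COIN + 10_001, "miner"),))
DOUBLE_SPEND = Tx("tx2", inputs=(("tx0", 0), ("tx0", 0)), outputs=(Output(2 * COIN, "mallory"),))

if __name__ == "__main__":
    print("honest block:", block_is_valid(START, [HONEST_COINBASE, PAY], 1, 500))        # True
    print("one satoshi too greedy:", block_is_valid(START, [GREEDY_COINBASE, PAY], 1, 500))  # False
    print("double spend:", block_is_valid(START, [HONEST_COINBASE, DOUBLE_SPEND], 1, 500))  # False
```

A full node runs exactly this kind of check over every block from genesis onward, which is why "verify the whole chain" means replaying every transaction, not just checking headers.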

Painting A Bigger Picture

So what the hell is Bitcoin? It’s a database. A database that represents money with a predetermined supply and inflation schedule. A database that stores these things in a way that lets anyone verify its integrity. How do you know you actually possess the ability to spend real Bitcoin if you haven’t verified the validity of every single transaction back to the moment every satoshi of value you were sent was brought into circulation by miners? How do you verify that chain of transactions if you don’t verify all transactions in the blockchain? Remember, a block is invalid if a single invalid transaction is in it. Any block building on an invalid block is also invalid.

Ultimately Bitcoin is just a “truth” machine, and I put truth in quotations for a reason. What does it prove the truth of? A block header proves that, on average, a certain amount of hashing work was done on it, expending energy, to meet the difficulty target. The merkle tree proves the set of transactions a specific block header committed to. What these things do not prove by themselves is that everything in the blockchain is valid according to the rules. In order to prove that, users have to actually download and linearly verify that every transaction in every block follows all the rules (in addition to verifying the block headers and the merkle trees committing to the transactions).

Herein lies the catch-22 of Bitcoin and blockchains. The cryptography incentivizes the blockchain to keep moving forward and guarantees that ownership transfers are legitimately authorized, but it does not alone guarantee the monetary integrity of the system as a whole. The only thing that guarantees that is users of the system fully verifying the entirety of the blockchain against the rules when they interact with it. It should be intuitive why this presents a problem for the system as a whole if most people cannot verify the blockchain because it is too big. What is the difference between that and a bank database or AWS? If a user cannot verify the blockchain themselves, they have to blindly trust whatever entity is doing it on their behalf. If verifying the blockchain becomes prohibitively expensive, then it is possible that a small enough group winds up being the only verifiers, and a group that small can change the rules it is following without users noticing.

Bitcoin and the blockchain that powers it can accomplish revolutionary things in extending access to an asset and a network to transfer it that cannot be shut down or closed off to undesirables. But it can only accomplish those things if it is practical for users to download and fully validate the historical blockchain. If users cannot do that, then it is fundamentally no different than the cloud or banks of old. If you cannot verify the blockchain, you are subject to the blind whims of whoever is doing that for you. Just like JP Morgan or Twitter.

Why Bitcoin Works: For the New People was originally published in Block Digest Mempool on Medium, where people are continuing the conversation by highlighting and responding to this story.
