Bitcoin for dummies

in #bitcoin7 years ago (edited)

Bitcoin has been around for about ten years, but i see many people asking for comprehensive explanation about its functioning, and there doesn’t seem to be that much complete explanation of the technical side, so as i have been exploring the code of various client and blockchain protocols, i decided to attempt at making an easy explanation for the global principle.

The article might contain errors unclear informations, i will correct them as they are pointed out.

The first thing that need to be mentioned is that bitcoin incorporate different aspect and mechanisms in one protocol and one application, which make it difficult to grasp at first for beginners.

I divide the functionalities into 3 categories.

  1. The transactional database apsect, which allow to express transaction of an asset from one person to another using asymetric cryptographic signature.

  2. The block validation aspect (mining or staking).

  3. The coin emission aspect.

transaction format

The most important and straightforward aspect of bitcoin is its ability to allow a person to send assets to another.

The mechanism is based on asymetric cryptography, in the case based on eliptic curve mathematics.

As all asymetric cryptographic algorithm, eliptic curve allow to generate a pair of numbers, in sort that one member of the pair can be easily deduced from the other, in asymetric maner, but not the other way around.

A new pair of key is generated by generating a large random number, interpreted as coordinate of a point on the curve, from which the public key will be computed.

EC

When one manipulate a pair of keys in bitcoin, there is the private key and public key, the public key can easily deduced from the private key, but it’s very hard to deduce the private key from the public key due to mathematic property of the equations used to generate them.

Another algorithm then allow to use this private key to « sign » data, in sort that it can be verified that the private key used to sign it correspond to a given public key.

In bitcoin this signature algoritm is ECDSA.

The othe concept used in transaction emission, and in many other place in bitcoin is the concept of cryptographic hash.

Cryptographic hash are mathematic functions that will generate a unique large number based on a given input data (in case of sha256, a 256 bits number), in sort that it’s impossible to deduce the data used to generate it from the hash, but it can be verified that the hash has been generated based on a given input data because each different input data will be "hashed" to an unique number.

"hash"

If two differents input data generate the same hash, it’s called a collision, but with large enough hash this should never happen.

In the case of transaction, the input data to be hashed will be a transaction consisting of a transaction header containing description of the transaction, and a number of input and outputs.
Basically a transaction looks like this

Tx format

The output contain a script, that specify how the coins will be able to be spent, and the amount of bitcoin added to the destination balance.

There are two types of scripts commonly used in outputs.

  • One type of script contain the public key of the person who will then own bitcoin in clear.

  • The other type contain a 20 bits hash of this public key.

The input contain the hash to reference a previous transaction and the index of the output to be spent, and either only the signature of the hash of the transaction in case the public key is in clear in the output script, or the public key in clear plus the signature if the output script only contain the hash of the public key.

The difference between the amount specified in the new output, and the amount specified in the output indexed by the input is called the ‘transaction fee’, and will automatically be added in the block reward (more on this latter).

The hash of the transaction is computed using SHA256 function, while blanking the input script to be signed because a signature can’t sign itself.

This transaction hash will then be signed using the private key that correspond to the public key in the output script specified in the input, and this signature inserted as a data entry in the input script.

The hash of the transaction will be computed based on the binary representation of such transaction, with the signature data blanked in the input to be signed.

The private key used to generate the signature of the input has to match the public key used in the previous txo script.

So far so good i think that pretty much summarize it for the basics of transaction.

block validation consensus.

When transaction is emitted in the network, it will be sent to other nodes using the TX protocol message, and propagated to all nodes entering their memory pool.

All nodes contains a memory pool of transactions, but each node can contain a different set of transactions in its memory pool.

"nodes"

Here the problem of the requirement for a global consencus start to appear, as nothing prevents someone to emit two transactions using the same output as input, but different public key in the output, which will result in the infamous double spent.

To solve this problem, before a transaction is considered to be « confirmed » it first has to be included in a block.

A block is essentially composed of a header, and a list of transactions.

The header contain the merkle root of the transactions, the hash of the previous block and a nonce value.

The merkle root is a hash computed using an algorithm that basically hash all the hashes of the transactions included into the block into a single hash.

Different methods can be used to reach the consensus to decide which set of transactions in the memory pools will be considered as valid.

I will detail the two main protocol used to validate blocks, POW (proof of work) and POS (proof of stake).

proof of work

With proof of work , for the block to be valid, the header data must hash to a number inferior to the network difficulty.

As each block header will correspond to a unique hash, and it’s impossible to revert the hash to the original data, to find a block header that match the required difficulty, the mining node need to find the good nonce value in the block header for it to be hashed to a value inferior to the network difficulty.

The network difficulty is an arbitrary number, that is computed at each new block based on the time elapsed between the two previous blocks, in order to keep a constant time between two blocks, which is called the block target time.

If the block target time is 10 minutes like in bitcoin, and the next valid block took 8 minutes to compute, the network difficulty will be increased accordingly, and the next block will have to contain a header that hash to a number inferior to this difficulty.

This is called difficulty retargeting.

The lower the difficulty is, the more hashes will be need to be computed, as a lower range of hashes will be valid, as they have to be inferior to this difficulty.

As computing a hash cost some significant cpu time, it translate to an energy cost, and as the difficulty will adapt to keep the block generation time constant, it mean that in theory if all the peoples using bitcoin are trying to compete to find the next good block, it will need roughtly a computing power equivalent to the whole network computing power to find the block, which in theory garantee decentralization of block validation.

But historically, as the chance to find the next block is proportional to the total computing power of the network, as the network grow, the chance to find a block is reduced significantly, leading at first to pooled mining.

In pooled mining, instead of all the miners competing to find the next block separetely, the mining pool will generate a single block, and distribute the range of nonce to check to find the next good block among all the miners connected to the pool, and will distribute a share of the reward of the block to each miners, proportionally to the range they have scanned.

Then came the time of ASIC mining, which are specific hardware who can beat any computer in term of cost efficiency to compute hash, and all the mining eventually became centralized on few mining farm managing to reduce the cost efficiency to minimum with economy of scale and various other factors.

proof of stake

With the proof of stake validation scheme, instead of validating the block based on an estimatation of the entire network hash rate, the validation is based on finding a hash inferior to the network difficulty based on the amount of coins one own, by hashing txo instead of block headers, and signing a transaction with this txo as an input with the stake reward added to it as an output with the same key.

Instead of scanning all the possible nonce value in the block header to find the hash, the ‘staker’ need to scan all the txo he owns, using the timestamp of the new transaction in the hash computation, in order to find a hash that match the difficulty.

The amount of coin present in the output will be factored in to compute the actual ‘proof of stake’, which basically give authority on block validation to people owning lot of coins.

coin emission

As computing a hash cost energy, the economic soundness call for offseting this cost by a reward when one is able to mine or stake a new valid block.

The reward will take the form of a transaction with blank previous transaction index, and the output containing the value of the current block reward plus the transaction fees, and the script contain a public key corresponding to a private key owned by the miner.

When a new block is accepted by the network, this sum will be added to the miner balance.

As this reward is basically created ‘ex nihilo’, as it doesn’t refer to previous transaction in the input, a valid block can only contain one, and it will be considered as new coin emission.

Each time a new block is mined or staked, the amount of coin corresponding to the block reward will be added to the total coin supply, thus creating a form of inflation.

Most coin will limit this inflation by halving this block reward at regular interval, then with a logarithmic computation, it allow to know the total amount of coins, or money supply, that will be available after a certain period of time.

Originally as mining was supposed to be decentralized, it was also a good manner to distribute new coins to anyone wanting to participate to the block validation process, as well as adjusting the market cap to the demand with network growth, but as network started to grow up, and mining became more centralized, it became the center of a very harsh economic competition between mining farms to generate the next valid block.

coin emission

As time goes, the block reward will be less and less, tending toward zero, leading to potentially a problem to incencitive miners properly to offset the heavy cost of computation the hash for valid block, but also limiting the total money supply over time.

Well i hope that cover most of it !

There will be probably correction or additional information to complete it, it’s a first version, i hope it can clarify the functioning to people new to it wanting to find more informations about technical Inside of the bitcoin !