This is the 2nd installment of the serialisation of the book B is for Bitcoin by Daz Bea and Seb Bunney.  

Link to:  Chapter 1

Buy the Book:  Independent / Amazon

Chapter 2 - Section 1: Decentralization

Key Questions Answered:

• What is decentralization?
• Why does Bitcoin need to be decentralized?
• What makes Bitcoin decentralized?
• How does Bitcoin solve the Byzantine Generals’ Problem?

With chapter one behind us, it is time to explore the inner workings of Bitcoin.

We often hear of this concept of decentralization in relation to Bitcoin, with people placing a lot of emphasis on its importance. This section will examine what it is and why it is crucial, particularly for a monetary good. 

Before diving in, we wanted to highlight that Bitcoin is incredibly interconnected. Understanding one part requires knowledge of another. It is, therefore, best to just jump straight in. With this in mind, you may have questions arise in the first few sections of this chapter, but we promise that with perseverance, those questions will be answered in the coming sections.

What is decentralization?

Before diving into decentralization as it relates to Bitcoin, let's go over what it is and how it differs from its counterpart,  centralization. In its simplest form, decentralization can be described¹⁵ as:

“The transfer of control and decision-making from a centralized entity (individual, organization, or group thereof) to a distributed network. Decentralized networks strive to reduce the level of trust that participants must place in one another.”

In other words, decentralization involves distributing trust throughout the network rather than relying on any singular entity. The larger the distributed network, the more trustless it becomes. 

This differs from a centralized system where trust is inherently required. A centralized entity places trust in a person or a small group of people to finalize any decisions impacting the network (which could be millions of people). We must have trust and faith that the central entity has our best interests at heart. 

Centralization is excellent for entities that want to pivot quickly and test ideas, such as those in the tech world, where entrepreneurs create start-ups that test and produce wild, innovative ideas in short succession. However, rapid decision-making and quick pivoting are much harder under a decentralized system where change requires consensus amongst its participants. Since many people have different views, it can be challenging, or sometimes impossible, to shift gears quickly. 

Decentralized systems foster a trustless environment where no single entity has control or can govern the direction of the network. This promotes security, stability and predictability. That's not to say a centralized system cannot have these things; it's just that a centralized entity differs in that it can shift gears, take its users by surprise, and make unilateral decisions that adversely affect users. This can have negative impacts on security, stability or predictability.

Let us now integrate Bitcoin into this topic of decentralization.  

Why does Bitcoin need to be decentralized?

Every day we interact with centralized entities, such as our money, bank, cell phone provider, internet service provider etc. Our bank, for example, runs its own central ledger, which houses all of its customer's information and transaction history, including credit, debits, and current account balances. 

One of the drawbacks to this is that an authoritative figure, such as the bank manager, has the ability to change the ledger. We, therefore, have to trust that there are no malicious individuals within the bank who would adjust the ledger to their benefit and at our expense. While one might argue that this is improbable, we simply want to highlight the fact that it is indeed possible.

With regard to money and monetary policy, we currently have little choice but to trust and rely on the government and the central bank. They control the monetary supply, interest rates, taxation, and government spending through monetary and fiscal policy. Tinkering with any of these levers can drastically impact the currency's purchasing power, diluting the value of the units of currency we hold.

As should now be evident, although there are benefits to centralization, most people desire security and stability when it comes to their savings. They want to trust that their purchasing power isn't going to decline through dilution one day or one year to the next and that their bank isn't going to close their bank account or reject their wire transfer. Because of this over-reliance on trust in our traditional system, Bitcoin was born. That said, in order to remove this reliance on trust, Bitcoin had to achieve decentralization. 

You may wonder if Satoshi created Bitcoin; doesn't that make it centralized? 

Although Satoshi wrote the initial software and rules of Bitcoin, he left the project within a couple of years. Since then, the ‘community’ (a worldwide, ad hoc group voluntarily engaging with the network) has been in charge of all decision-making and governance through consensus. We can only imagine that Satoshi knew that, in order for Bitcoin to grow into a truly decentralized network, he had to remove himself.

This is not the case for the vast majority of the other cryptocurrencies that exist today. Most of these can be characterized by having foundations or central bodies that govern the direction of the project, changing monetary policy as they see fit, reserving significant units of the currencies for founders or insiders, and can even change the history of transactions. 

As a decentralized network, Bitcoin has proven itself when it comes to stability and security since its inception and has had virtually 100% uptime, except for a few brief moments in its very early days. Bitcoin has also never been hacked, which is a feat in itself, given that it is arguably the most scrutinized computer code in computer science history due to the value residing behind its transparent source code. 

At this point, Satoshi could reveal himself tomorrow, but it wouldn’t make a difference to the Bitcoin network. After he handed it over to the community, he conceded control. He, therefore, has no more authority over Bitcoin than you or I, or most importantly, any central banker.

What makes Bitcoin decentralized?

As we discussed in the previous section, two of the most essential elements in the Bitcoin network are:

1. The Nodes that enforce the rules of the network and monitor the blockchain, ensuring the transactions and miners are adhering to these rules.
2. The Miners, who confirm transactions by adding pending transactions to a new block and appending this new block to the blockchain, thus updating the ledger.

Combined, the nodes and miners create what is called a distributed ledger. And it is this distributed ledger that promotes a decentralized, or in other words, a trustless environment. 

How does Bitcoin solve the Byzantine Generals’ Problem?

If you recall from the section, “Bitcoin’s Inception,”  we introduced the Byzantine General's Problem. 

How can we send a message without the need for trust or a third party? 

For Bitcoin to become truly decentralized, it had to solve this problem. Anyone must be able to send and receive bitcoin without the need for trust or a third party (like a bank). 

And here's how it does so…

Within a centralized system, such as the bank, a central authority controls the ledger. We have to trust the bank's central authority. What Bitcoin does differently is:

1. It breaks up the centralized authority into two roles: 

Rule enforcement– the nodes. 

Transaction confirmation and settlement– the miners.

1. It then allows any number of everyday people to run a node or become a miner (or both).

We no longer have to rely on any single entity to ensure everyone follows the rules and that transactions are verified and settled honestly. 

Let’s expand on these two vital roles listed above:

Rule Enforcement (Nodes)

Every node in the Bitcoin network is a computer running freely available software, which features:

1. A copy of the Bitcoin rules, which the network has defined through consensus. 
2. An up-to-date copy of the Bitcoin ledger, which details all transactions and balances (who owns what).

As mentioned before, no singular entity has control over the ledger. It is distributed amongst every single node in the network. Each node continuously checks its version of truth against everyone within the network. A bad actor could set up a node and change the rules, but if their rules don’t align with the majority, their changes will be ignored by the Bitcoin network.

Transaction Confirmation & Settlement (Miners)

*We will discuss mining in greater detail later. In the meantime, we are simplifying things here so that you understand the basic concept.

Each miner in the Bitcoin network is a special computer containing sophisticated hardware designed to solve an extremely complex computational problem.

Firstly, when Bitcoin miners create a new block, there is no certainty that they will be the ones to append this newly created block onto the blockchain. Why? Every miner has to compete against every other miner on the network by winning a cryptographic hashing lottery, where they need to guess a number below a certain target. The first miner to solve the problem is allowed to append their newly created block onto the blockchain, updating the ledger. As compensation, they collect the block reward, which includes all the transaction fees for every transaction within this new block and the block subsidy. 

Secondly, every block and transaction is monitored by the nodes. A miner could, in theory, attempt to cheat the network by changing transaction details in their block to benefit themselves. For example, let's say there's a transaction where Sally sends Jill 0.001 bitcoin. The miner could alter the transaction to have Sally send the 0.001 bitcoin to themselves instead. However, as all transactions and blocks are monitored by the nodes (rule enforcers) and secured by cryptography, they would reject the miner's altered block. With this rejection, the miner would lose their compensation for creating a block. Therefore, it is in the miners' best interest to support the network rather than cheat it. Everyone is incentivized to play by the rules!

Combined, this updating of the ledger (transaction confirmation, settlement and rule enforcement) across a network that's spread across multiple locations and entities (miners and nodes) is known as distributed ledger technology. The more widely distributed the ledger is, the more stable, secure and decentralized Bitcoin becomes. This non-reliance on any singular or centralized entity is where the term "trustless" or "permissionless" comes from. You do not need to trust any central authority, and you do not require permission from any singular entity to transact on the network.

Distributed Ledger Example

This idea of distributed ledgers may seem a little abstract, so here's a scaled-down example of Bitcoin. Imagine we had our very own blockchain, just like Bitcoin. This blockchain contained some really important data we were working on. We could secure this data in a distributed way by keeping one copy at home and another on our office computer. We could then write a program (node) that would continuously compare these datasets and flag any discrepancies.

This is where the beauty of the distributed blockchain comes into play. We can compare these copies at any time by having multiple copies of the blockchain. 

For example, let’s imagine we leave our office computer unlocked, and some nefarious actor changes the data in our blockchain. Luckily, when we check our node, we will see that it has flagged a discrepancy between the office and home computers. However, now, we face the issue of which dataset is correct. The office or the home computer?

With only two versions of the data, we can't tell which copy of our blockchain the attacker has changed unless we personally know. But relying on our own knowledge means we are relying on trust. And, remember, we want this to be a trustless environment.

It would stand to reason that it would be handy if we had a third version to compare to. Therefore, let’s keep a copy at home, a copy at the office and another copy at our friend's house.

If the nefarious actor were to strike again, we would now have a consensus mechanism by which to compare versions. If one computer is tampered with, the other two will show consensus on the datasets they are running, so we will know they are correct. We can, therefore, disregard the misaligned computer and continue on our way.

In this scenario, we still have to put a level of trust into this consensus by assuming that the nefarious actor would not have been able to:

1. Know the physical location of all three nodes in our network.
2. Be able to break in and change the data on two of the three sets of this blockchain.

Now imagine thousands of miners and nodes randomly distributed throughout the world, updating and verifying this blockchain. A bad actor would have to track down and change more than 50% of these nodes to cast doubt about which version of the chain was the truth. This is highly improbable, if not impossible, and is precisely how the Bitcoin blockchain works. A network of randomly distributed miners and nodes, run by everyday people, each storing a version of the truth and keeping each other honest. This is what makes bitcoin decentralized and trustless. No one party controls it, and it is distributed between each and every participant in the network. 

Figure 2.11: Centralized vs Decentralized Ledgers¹⁶

Tying everything together, Bitcoin solves the Byzantine Generals’ Problem of how to send a message/bitcoin without the need for trust or a third party, as we are never relying on any singular central authority to transact. When you send or receive bitcoin, your transaction is processed by a random miner on the network and then confirmed by every node (As of May 2022, there are over 15,000¹⁷ reachable nodes and many more unreachable¹⁸ nodes). With Bitcoin, there is no need for trust. In the words of Satoshi, Bitcoin is:

“a distributed system with no single point of failure. Users hold the crypto keys to their own money and transact directly with each other.”

Bitcoin is the most decentralized and trustless monetary asset to have ever existed. This property, whereby Bitcoin’ cannot be manipulated, co-opted or coerced by any single person, government, institution or entity, is what entices so many to join the network.

Chapter 2 - Section 2: Blockchain, Hashing & Mining

Key Questions Answered:

• Why do we need miners?
• What is the role of miners?
• What is Hashing?
• How is a blockchain secured?
• How do blockchains prevent changes in previous information?

Chapter two brings us deeper into the nuts and bolts of how Bitcoin works from a protocol perspective. Let's jump into the blockchain, hashing and mining. 

*Note: Grey text is for a slightly more in-depth explanation.

Why do we need miners? 

Miners are an integral component of the Bitcoin network. We need them to mine blocks, which leads to bitcoin issuance, and to confirm the transactions. Moreover, miners (along with nodes) help keep the network decentralized, as we do not have to trust any single authority. Instead, we can distribute this trust across a large, geographically dispersed network of miners, all incentivized to work toward a common goal.

What is the role of miners? 

Before a bitcoin transaction can be completed, it must be added to the blockchain. Therefore, there are two states to bitcoin transactions:

1. Unconfirmed - After a transaction has been initiated, it “floats” in something called the memory pool, or “mempool,” for short. There is no certainty that the transaction will be processed in this state. This is similar to a pending transaction on your credit card statement. Something could cause the transaction to be rejected or declined.
2. Confirmed - Once a transaction has been appended to the blockchain and checked by the nodes, the transaction is classified as “confirmed.” While similar to a posted transaction on your credit card statement, it differs in that it is almost impossible to reverse a bitcoin transaction.

Roughly every ten minutes, a new block is added to the blockchain. It is the role of the miners to take unconfirmed transactions from the mempool, add them to a block and then compete against one another to have their block appended to the blockchain. The miner who wins is awarded the block reward (currently 6.25 bitcoin plus the transaction fees). 

Now that we understand why we need miners and their role in the network, you’re probably wondering how they actually conduct this work we know as “mining?” 

Let’s explore what mining entails.

 What is Hashing?

Before we can begin to unpack mining, we must first grasp a critical concept used in Bitcoin called “hashing.” Hashing is the act of sending information through a hash function. Think of hashing as creating a unique digital fingerprint from a data set. 

A hash function works as follows:

1. Input data goes into the hash function.
2. Within this hash function, the input data is sent through a bunch of mathematical processes.
3. The output is a series of alphanumeric characters known as the hash.

If we were to input “Looking Glass education is the best!” into a SHA256 hash function (which is the hash function currently used in Bitcoin), we would be returned with the following: 

“818a628787a0c0933c84cca11aa7e846d35928cd0ef7e8162961a1e7ab119772”

This string of letters and numbers is called the “hash.”

Despite the hash looking like a mixture of letters and numbers, it is essential to note that it is simply a number represented in hexadecimal form (we explain this soon), and therefore, it has a value. This will be crucial to remember for later.

Let’s recap:

Hash Function - A series of mathematical processes which convert input data into a hash (A digital fingerprint of the information). 

Hashing - The act of sending data through a hash function and generating a hash.

Input Data - The information being sent into the hash function.

Hash - The output of the hash function.

Why do we use hash functions? 

1.  Security: Hashing allows us to verify sensitive information without revealing/disclosing the information itself.  For example, a website may not want to store your password for privacy reasons. It, therefore, keeps a hash of your password on file. Every time you log into the website, you enter your password, which is sent through the same hash function that was used when you first set your password. If the hash generated matches the hash on file, you are granted access. If not, it knows that you entered the wrong password and denies you entry.
   

It is important to highlight that a hash is a one-way function. In other words, knowing the hash doesn’t allow us to determine the input data, i.e. in the above example, there is no way of decrypting the password from knowing the hash. This is the power of cryptography. 

1. Efficiency: Hashing allows us to generate a digital fingerprint from any volume of input data, saving time and energy when comparing data. For example, if we had two large bodies of information and we wanted to confirm that the information contained in each set was identical, we could send each set through a hash function and instantly see if the hashes returned were the same. This is far more efficient than comparing and analyzing the input data manually.

The SHA256 Hash Function

There are many different types of hash functions, all serving different purposes, and some are better than others. The Bitcoin protocol uses one called SHA256, which was invented in 2001 by the US Government's National Security Agency (NSA). It is well known to be incredibly safe, secure and resilient.

What is fascinating about hashing is that it doesn’t matter how much data you run through the hash function. The output is always the same length (see figure 2.21). Even though “Example 1” has more input data than “Example 2,” the hash length remains the same at 64 characters.

*Give it a try yourself! Here¹⁹ is a link to an online SHA256 Hash Function. Play around with entering various information and notice how the hash changes, even when you simply capitalize a letter.

Figure 2.21: Example of SHA256 Hash Functions

Why is a hash output always the same length? First, a SHA256 hash will only ever include the characters 0123456789ABCDEF. This character format is called base 16 or hexadecimal, as there are 16 characters. Secondly, the “256” in SHA256 refers to the size of the hash. No matter how much data goes into the hash function, the output will always be 256 bits in size. 

What does that mean? Bits are binary units. They can either be a 0 or a 1. The hash function in binary would be 256 characters long, consisting of 0’s and 1’s. A 256-bit long number can be better represented using a hexadecimal number consisting of just 64 characters.  Although interesting, all you really need to know is that a SHA256 hash will always be 64 hexadecimal characters in length, no matter how much input data goes into the hash function.

Now that we have a firm grasp of hashing and some of the key features of the SHA256 hash function, let's dive into blocks and mining.

About Blocks

As you can probably guess, Bitcoin's blockchain is made up of many, many blocks (745,555 at the time of writing, July 2022). Within each of these blocks is a myriad of important information, including a list of transactions. That means that if we were to look inside every one of the 745,555 blocks, we could piece together every bitcoin transaction that has ever taken place.

It is the role of the miners to create these blocks and append their newly created blocks to the blockchain. Whenever a new block is added to the blockchain, all of the previously unconfirmed transactions that the miner has recorded in this new block become confirmed. This process is known as settlement. Once a transaction is added to a block and appended to the blockchain, it is recorded on the Bitcoin blockchain forever. This transaction is now final and is almost impossible to reverse. This may seem a little abstract, so let's look at an example. 

Figure 2.22 is an example of a simplified block. For simplicity, let’s ignore all of the information under the “Block Header” and just focus on the “Transaction Data” and “Block Hash.”

Figure 2.22: Block Hashing Example

If we ignore the “Block Header” information, for now, notice how we have something very similar to figure 2.21. We have input data, labelled “Transaction Data” (1.), and we have an output hash, labelled “Block Hash” (2.) If you recall, a hash is simply a digital fingerprint of the input data and “Block Hash” (2.)  is the digital fingerprint of our “Transaction Data” (1.).  Comparing “Example 1” and “Example 2”  above, you will notice each “Block Hash” output is unique, as the input “Transaction Data” within each block is different. 

Without going into the details of the “Block Header” just yet, it is important to note that the “Block Hash” is a digital fingerprint of the entire block. That means it includes all of the “Transaction Data” and “Block Header” information. If any single piece of this information in the “Block Header” or “Transaction Data” changes, the “Block Hash” will reflect this and change.

You’re probably wondering, well, this is just one block. What makes a blockchain? 

Blockchain

Let’s picture a metal chain (Figure 2.23). With this image in your mind, notice how it is made up of many links chained together. 

Figure 2.23: A Physical Metal Chain

This is a good metaphor for the blockchain. Think of each block as an integral link within the blockchain as a whole. The only difference is that, instead of the blocks being connected via a physical metallic loop, they’re connected by an information field known as the “Previous Block Hash” (1.), which references the prior block's “Block Hash,” as shown below. 

Figure 2.24 is an example of a three-block-long blockchain where “Block 3” references “Block 2,” which references “Block 1”.

Figure 2.24: Building a Blockchain

The output “Block Hash” from “Block 1” now forms part of the input data for “Block 2’s” “Block Hash.” Once “Block 2” has been appended to the blockchain, its “Block Hash” forms the input data for “Block 3” and on we go, forming a chain. 

 Altered Block

Where a distributed blockchain ledger differs from a simple, centralized ledger is that once a block is appended to the distributed blockchain, it becomes almost impossible to alter any information stored in these blocks. This is not the case for a centralized ledger, where it is easy to go back and modify the ledger, as this information is not distributed or repeatedly referenced and checked for accuracy by thousands of geographically dispersed parties. 

In figure 2.25, if we were to accidentally reorder the transactions in “Block 1” so that Martin’s transaction was first (1.), instead of Tim’s (such as in the “Blockchain Example” above), the “Block Hash” would change (3.).

We now face a problem. The “Previous Block Hash” field in “Block 2” (2.) no longer accurately references the “Block Hash” of “Block 1” (3.). The blockchain has been broken. To fix this, we would have to alter every proceeding block until they are correctly linked once again—a tiresome task (we will explore why in a moment).

Figure 2.25: Altered Block Example

Now that we are clear about how blocks make up the blockchain, let’s look at mining and how these miners, all with a copy of the blockchain, compete against one another to append to the Bitcoin blockchain. 

Mining

When miners create a new block, there is no certainty that they will be the ones to append this newly created block onto the blockchain. Why is this? Every miner has to compete against every other miner on the network by solving a computational problem.

The first miner to do so appends their newly created block onto the blockchain and then broadcasts this update to everyone else on the network. Once the network confirms that this new block is indeed legitimate, the successful miner collects the block reward (made up of the block subsidy, currently 6.25 bitcoin, and the transaction fees) as compensation for their work. 

If you recall, earlier, we mentioned that the “Block Hash” is simply a number. Understanding this is essential as it helps us grasp this concept of the mining competition. 

So, what is this competition? In its simplest form, miners have to get their “Block Hash” below a target value, and the “Difficulty” determines this value. We don’t expect this to make sense initially, so let's use an analogy. 

You could liken mining to a unique golf tournament:

Imagine a bunch of golfers (miners) competing against one another to win (mine a block) and receive a prize (the block reward).

The only difference to a traditional golf tournament is that, rather than the winner being the lowest-scoring player over 18 holes by the end of the tournament, the winner is the first to score under a target amount of points (the “Difficulty Target”). 

Additionally, this point target isn't fixed. The more players in the tournament, the higher the probability someone will score under the point target. Therefore, as more players compete (more miners), the target number decreases, making the game harder to win. 

Lastly, if you don’t score under the point target, you can play again, and as many times as you like. 

This is essentially Bitcoin mining.

Confused? We get it. These can be very abstract concepts to grasp, so let’s break them down further. 

Difficulty Target

So what does it mean for miners to get their “Block Hash” below a target value? You may have noticed that a hash is hexadecimal, meaning it contains both numbers and letters. However, although the hash contains letters, it is still a numerical value. To help visualize this, figure 2.26 is a chart showing the base 16 hexadecimal characters converted to their numerical value.

Don’t worry. You don’t need to remember this conversion. It just helps when understanding the difficulty adjustment.

Figure 2.26: Hexadecimal to Decimal Conversion Chart

Knowing that the “Block Hash” is simply a value allows us to better understand the role “Difficulty” plays.

As described in the golfing example above, for a miner to win the competition and append their block onto the blockchain, they have to generate a “Block Hash” value below the current target value. 

This is achieved through a numerical text string of data within the block known as the “nonce”. If you recall, the “Block Hash” is a digital fingerprint of all the information contained in a block. However, although there are multiple pieces of information contained in a block, only one of them can be manually altered, the “Nonce.” Changing the “Nonce” value from, say, 0 to 1 is going to change the entire “Block Hash”. 

This is where the game of trial and error comes in. As there’s no way to predict the output of a hash function, miners must continue entering arbitrary numbers into the “Nonce” field until they manage to get their “Block Hash” value below the target number. The “Difficulty” sets the target value for the block. 

Mining is essentially the biggest guessing game on the planet. 

Let’s have a look at the example in figure 2.27. For simplicity, instead of using the standard 64-character SHA256 hash, let’s pretend the “Block Hash” is a value between 0 and 9999. In this instance, the “Difficulty” is set at 0085 (1.). This means the first miner to get their “Block Hash” value below the target value of 0085 gets to append their block onto the blockchain. Therefore, the miner will continue to adjust their “Nonce” value until they generate a  “Block Hash” that is below 0085 or 85.

As you can see, initially (2.), the miner is unsuccessful. A “Nonce” value of one gives the miner a “Block Hash” value of 6345. This is not below the desired value of 0085. The miner keeps incrementing the nonce by one each time. 2,3,4,5,6…etc. is attempted. After 356 attempts (3.), the miner has managed to find a “Nonce” value that gives the “Block Hash” a value of 0049, below the target value. And lucky for them, they are the first miner to do so. Therefore, they append their block to the blockchain, broadcast the new block to everyone else on the network, and are compensated with the block reward. 

At this point, every other miner on the network discards their current block and starts working on a new block, referencing this newly appended block, and the competition starts again. 

The network is then able to verify that this new block is valid by confirming the block data coupled with the nonce produces a valid hash lower than the target. One of the magical features of cryptography is that the network is able to confirm the nonce is valid without having to repeat the work that was done to discover it. 

We liken this to those wiz-kids who can solve a Rubik's cube. We have no idea what steps they took to solve the jumbled puzzle, but we can easily confirm they solved it by looking at it.

Figure 2.27: Blockchain Mining Using Nonce Values 

In figure 2.27, you may have noticed above that as the “Difficulty” increases, the target value decreases, thereby requiring more leading zeros at the start of the “Block Hash” (3.). With this in mind, we can gauge the current difficulty for miners. At the time of writing, the target number is 45 characters long. Given that a SHA256 hash is 64 characters long, the “Block Hash” has to start with at least 19 leading zeros (64 - 45 = 19) for its value to be below the target number. As SHA256 uses base 16, each character has the potential to be one of 16 different characters, zero being one of those characters. From a probabilistic standpoint, the chance of a hash starting with one leading zero is 1/16 (6.25%), two leading zeros is 1/256 (0.39%), and three leading zeros is 1/4,096 (0.02%). 19 leading zeros is an improbable 1/75,557,863,725,914,300,000,000. As more leading zeroes are required, it is exponentially harder to get the “Block Hash” below the target number.

How does the “Difficulty” value change?

Every 2016 blocks (roughly two weeks), the Bitcoin code undergoes a “Difficulty Adjustment” to ensure that blocks are mined at an average of ten minutes per block. 

If many miners suddenly came online, more competition would mean blocks would be mined faster than every ten minutes. To prevent this, at the next “Difficulty Adjustment,” the difficulty would increase (lower target value) to counteract this rise in block production. This makes it harder for miners to generate a hash that satisfies this lower target value, thus slowing down the mining.

Alternatively, if many miners were to go offline (as we saw in the great Chinese mining ban of 2021) due to the sudden reduction in competition, blocks would be mined slower than every ten minutes, as the difficulty would be too hard for those remaining on the network. In this scenario, the next difficulty adjustment would decrease the difficulty,  thus increasing the target number and making it easier for miners to mine once again.

Bad Actor

Building on our altered block example earlier, as every block references the “Block Hash” of the previous block, if a nefarious actor were to change any single piece of data in any block on the blockchain, it would immediately break every block thereafter. This is because if you change a piece of information in a block, the “Block Hash” will reflect this, and the “Previous Block Hash” field in the following block will no longer match the “Block Hash” of the changed block. 

We can see this in figure 2.28, where the “Block Hash” of “Block 1” (3.) does not match the “Previous Block Hash” of “Block 2” (2.). The blockchain has been broken.

Figure 2.28: Bad Actor Example

What is happening here? In our “Blockchain Example” earlier, under “Block 1,” Martin had sent Ashley 0.073 bitcoin. However, what if Ashley was a miner and decided to adjust the transaction? Let’s have a look. 

In figure 2.28, suppose Ashley changed the transaction so that Martin, without his consent, sent her 1.073 bitcoin instead. The “Block Hash” of “Block 1” (1.) would change to reflect this. However, in doing so, the “Previous Block Hash” in “Block 2” (2.) would no longer match the “Block Hash” of “Block 1” (3.). The blockchain has been broken. Nothing is connecting “Block 2” to “Block 1.” For Ashley to keep the blockchain intact, she would have to update every block following the changed block. That would be a significant task! Let’s have a look at why this is an uphill battle.

Nodes

If you recall from our example of the distributed ledger in "Decentralization," every node carries a copy of the ledger. If a miner were to alter a block, it would immediately be flagged and discarded by the nodes, as that miner's copy of the ledger would be out of consensus with the rest of the network.

Longest Chain 

Miners communicate with the Bitcoin network when they append a new block onto the blockchain, letting everybody know that they successfully generated a "Block Hash" below the target value. This communication consists of broadcasting their new block to the network. 

At this point, the nodes update their ledgers, and every miner stops working on their current block, looks toward the longest, verified version of the blockchain and starts working on a new block. 

It's important to highlight that miners will always work on the longest chain, known as the main chain. If they’re not working on the main chain, the nodes will reject any changes they make, and their endeavours will be fruitless.

With this new understanding, if a nefarious miner decides to go back and alter an older block, not only would they have to first change the contents of the block to get the "Block Hash" below the target number, but they would have to do this for every successive block, expending an immense amount of energy. 

Another way to look at this is that in order for their altered blockchain to compete with the main chain (longest chain), they'd have to mine the altered block and subsequent blocks faster than the entire network is mining blocks until their chain became longer than the main chain. This means that one bad actor would have to expend more than the equivalent energy that it took the entire network of miners to build the blockchain from the point of change. 

A tall order, if not virtually impossible! Wouldn’t they be better off simply pointing their hash power toward solving new blocks and dominating the competition for block rewards?

Fun Fact: A little-known fact is that this process of committing transactions to the blockchain, requiring all transactions to be audited every ten minutes, birthed the concept of “triple entry accounting²⁰.” This is the first major innovation in the structure of accounting since double-entry bookkeeping, which was introduced in 1494.

Section Summary

With the protocol randomizing which miner verifies each block, miners are incentivized to act honestly and in the interest of the community. If they fail to do so, their newly mined block will be reversed, and they will lose the block reward.

As a result of this randomization, we do not have to rely on any single miner to process our transactions. It is for this reason we can say, "Bitcoin allows us to transact in a trustless and permissionless manner." 

Without this randomized transaction settlement, we must lean on trusted third parties to process our transactions, and then the question is, "can they be trusted to act in the interest of the user?"

Hopefully, this section has cleared up any questions surrounding the role and functionality of the miners.

*Side Note: The bad actor example given above is not entirely accurate. Miners are limited in what information they can alter. Transactions are something they cannot alter. We'll go into this in more detail soon. For now, just know that only the bitcoin owner can sign/send their bitcoin. If the miner alters the transaction, it invalidates the transaction as the altered transaction has not been “signed” by the owner of that bitcoin.  

Chapter 2 - Section 3: The Supply

Key Questions Answered:

• How does new bitcoin come into existence?
• Why will there only ever be 21 million bitcoin?
• Do halvings impact the price?
• How does the difficulty adjustment regulate the amount of bitcoin mined?

In the previous section, we dove deep into the functionality of Bitcoin miners and how they keep the Bitcoin network secure. Hopefully, you now have much greater clarity as to the inner workings of the blockchain. Let us now dive into the bitcoin supply and the release of virgin bitcoin.

How does new bitcoin come into existence?

If you recall, when a miner wins in this competition of hashing computation, they get to append the block they’ve been working on onto the blockchain. At this point, all the transactions inside of that block move from unconfirmed in the memory pool to confirmed and verified on the blockchain. 

What is in it for the miners? As discussed, the miner is rewarded with what is known as the “block reward.” This reward contains all of the transaction fees associated with every transaction in the block, and, more importantly, it contains the block subsidy. It is through the block subsidy that new bitcoin enters into circulation. 

Let’s explore this.

Coinbase Transaction

The first transaction inside every block is known as the coinbase transaction. This differs from a regular transaction, which requires two parties, the sender and the receiver. For the coinbase transaction, there is only one party, the miner, who was successful in mining the block. 

A coinbase transaction, also known as a generating transaction, is fundamental in the generation of new bitcoin. In other words, it is the coinbase transaction that is responsible for the birthing of virgin coins. 

We can see the coinbase transaction for block 736,837 (just an arbitrary block we chose to examine) in figure 2.31. We are using the data obtained from a blockchain explorer, which is a 3rd party service that helps us explore the blockchain data with a nice user interface. 

When we compare the two transactions below, notice the differences. The second transaction has a red arrow for the sending party and two green arrows for the receiving parties. However, in the first transaction, there is only a green arrow, the miner's wallet and a grey arrow that says “Coinbase (Newly Generated Coins).”

These newly generated coins have been introduced through the Bitcoin Protocol as part of the predetermined release schedule of bitcoin.

Figure 2.31: Bitcoin Block

What is important to note is that not all of the 6.45532786 bitcoin shown above are newly created bitcoin. 

If you recall, the block reward contains both the block subsidy + the transaction fees. Therefore, out of the 6.45532786 bitcoin the miner received, 6.25 are the block subsidy (virgin bitcoin), and 0.2032786 are the combined total of the transaction fees for every transaction included in the block. You may now be wondering, how did the first bitcoin come into existence?

Genesis Block

The genesis block is a unique block in the Bitcoin blockchain as it is the first-ever block. However, although the genesis block is the first block, it is numbered block 0. If you recall, blocks store transactions and are linked to one another via the “Previous Block Hash” field. The only exception to this rule is for the genesis block, as it had no other block to link to and no transactions to record. Additionally, the first block was not actually mined. Instead, Satoshi hardcoded the block into the original Bitcoin software. He then used block 0 as the reference for the next block. It is from this point on that Bitcoin mining began.

It is easy to dismiss the first block as being just that, the first block. However, there is a lot of mystery and intrigue surrounding the genesis block. Pushing aside the fact that it is the first-ever block, the block has some quirks. For instance, before the genesis block, there was no such thing as Bitcoin and no bitcoin in existence. This changed with the genesis block, as it contained the first 50 bitcoin. 

However, what's unique about the first block is that the bitcoin unearthed are unspendable. The coinbase transaction in block 0 for the first 50 bitcoin cannot be found in the ledger making the bitcoin unusable²¹. 

Whether Satoshi did this intentionally or not, we will never know. But it is often thought that Satoshi made this block reward unspendable so as not to obtain an unfair advantage in coin circulation. This practice is known as a pre-mine, which, although often frowned upon within the cryptocurrency space, is, unfortunately, a widespread practice. Anyone participating in the cryptocurrency space should make themself aware of this practice and how it may affect them. 

Therefore, the first true spendable bitcoin were actually in block one (the second block). 

*Side Note: If you want to check out the genesis block, you can view the block here²².

You’re probably now thinking to yourself, “ok, ok, I understand how the first bitcoin were created, but if there can only ever be 21 million bitcoin, how can we continue to reward miners indefinitely?” 

Why will there only ever be 21 million bitcoin?

Earlier, we highlighted that the current block subsidy is 6.25 bitcoin, but then we mentioned that the genesis block had a subsidy of 50 bitcoin. Well, which is it? What caps the total supply of bitcoin to 21 million is that the block subsidy diminishes over time, eventually trending to zero. At that point, we will have mined every bitcoin. This diminishing subsidy is a result of something known as the halvings.

Halvings

Every 210,000 blocks (roughly every four years), the block subsidy halves. This is known as a halving. These halvings will continue for a total of 32 halvings until around the year 2140. At this point, the block subsidy will no longer exist, and miners will only receive transaction fees in a block reward. 

With no block subsidy, the total bitcoin in circulation will come to rest at just shy of 21 million, 20,999,999.9769²³, to be precise.

In figure 2.32, we can see the first 14 halving events. The orange line indicates the block subsidy, and the blue line shows the current supply of bitcoin. With a current block subsidy of 6.25 bitcoin, we can determine that we have experienced three halvings since Bitcoin's inception. The next halving will be at block 840,000 (~March 2024), where the block subsidy will decrease to 3.125 bitcoin.

Figure 2.32: Bitcoin Halving Events²⁴

Do halvings impact the price of bitcoin?

Every time there has been a halving so far, the price of bitcoin has subsequently run up. One reason for this is that each time we go through a halving event, the reward to miners (block subsidy) is halved. With miners only receiving half of what they were previously compensated, the cost to mine bitcoin increases. This increase in cost and reduced supply translates to higher prices. Why? If we assume that the costs to mine bitcoin remain fixed and the reward for their effort is halved, in theory, miners will demand at least double the price for their bitcoin to cover their overheads. In reality, while the actual price fluctuations vary, we can’t ignore the impact that a reduced supply has on the supply/demand economics with regard to bitcoin’s price.

Fun Fact

People often say, “NgU (number go up)” or “bitcoin is mathematically programmed to go up in price.” What they are referring to is the fact that because the block subsidy is programmatically halved every 210,000 blocks, we essentially have a pre-programmed supply constriction every four years, pushing up the price. Thinking about the supply and demand equilibrium dynamic that exists for goods and services, if demand remains constant and supply is reduced, this results in higher prices. Ask yourself, do you think the demand for bitcoin will go up or go down in the coming years? 

Is the maximum supply of 21 million bitcoin really fixed?

Although Bitcoiners disagree at times, one belief has held true amongst the many varying personalities in the ecosystem. That is this belief in a fixed total supply, making bitcoin a truly scarce asset. 

To be clear, it is not impossible for there to be more than 21 million bitcoin. Any changes to the Bitcoin protocol are voted on through consensus, so if we were to reach a majority consensus through all the nodes on the network, we could, in theory, raise the total supply of bitcoin. 

However, this is highly, highly unlikely, as it is one of the most valued characteristics of Bitcoin. In fact, many Bitcoiners believe the issues we currently face in our global economy are directly related to our inflationary fiat currencies*. 

*For more information on the effects of inflationary currencies, check out our “Debt, Inflation and the Bigger Picture²⁵” course. 

How does the difficulty adjustment regulate the amount of bitcoin mined?

In the previous section, we only briefly touched on the difficulty adjustment as we wanted to focus on the act of mining. However, it is imperative that we circle back as without this part of the protocol known as the difficulty adjustment, there is nothing stopping miners from continually mining blocks at an increasing rate, speeding up the issuance of bitcoin. 

Every second of every day, miners globally compete to append their block to the blockchain. They expend energy hashing in an attempt to get their “Block Hash” below the target value. Collectively the total hashing by the network of miners is known as the “hash rate.” 

The hash rate can increase in two ways:

1. More miners come on board, dedicating more energy and computational power to the network. 
2. The efficiency of the chips in these mining machines increases, allowing miners to raise their hash rate with the same or lower energy usage. 

However, if there were no mechanism to increase the mining difficulty as more miners competed, we would face a problem. As the hash rate increased, blocks would be mined at an ever-increasing rate. As more bitcoin are mined, the price of bitcoin would collapse as miners flood the market to sell their bitcoin. What prevents this is a mechanism known as the difficulty adjustment, which regulates the block time, and, thereby, the issuance of new bitcoin. 

Difficulty Adjustment

Every 2,016 blocks, roughly two weeks, the Bitcoin code calculates the average block time for the preceding 2,016 blocks. If, on average, blocks are being mined faster than every ten minutes, the difficulty increases, making it harder for miners to get their “Block Hash” below the target number. On the flip side, if the average block time exceeds ten minutes, the difficulty eases off, making it easier for miners. Although there is usually some variance in the block time, the difficulty adjustment makes for a predictable, almost systematic ten-minute block interval over the long run. 

Fun fact: As outlined above, for every 2016 blocks, the Bitcoin mining difficulty is adjusted to maintain block time and supply issuance. In 1933, The US government Executive Order 6102 forbade the personal holding of gold by citizens. Many Bitcoiners speculate that this value of 2016 was not chosen randomly, but rather it is the reverse of 6102, and is a cheeky reference to one of the great innovations of Bitcoin, the ability to “self-custody” (explained in depth a little later on).  

Ignoring all the confusing numbers in figure 2.33, we can see that the difficulty mimics the hash rate. As the hash rate fluctuates, the network difficulty reflects this. This ensures that blocks are being produced every ten minutes.

Figure 2.33: Network Difficulty²⁶

This difficulty adjustment is unlike anything we have ever seen before. 

Take gold, for example. If the price of gold were to increase, mining would become more favourable. As more gold miners search for this lucrative precious metal, more gold will be mined, increasing the total supply. This is not possible for Bitcoin. If the price of bitcoin went up 1000% tomorrow, miners would naturally flood into mining Bitcoin. However, no matter how much the hash rate increased, the difficulty to mine gets adjusted every two weeks, ensuring a predictable supply of bitcoin over time. 

Section Summary

As you can see, the halvings and difficulty adjustment are vital for Bitcoin’s supply schedule. Combined, they create a consistent and predictable release of bitcoin into the world. 

The difficulty adjustment ensures an average block time of ten minutes, while the halving slowly reduces the block subsidy until the total supply of bitcoin eventually stops just shy of 21 million. 

This scarcity is unique, and not only to the digital realm. When it comes to gold, we cannot be certain we will not find large reserves on this or other planets, thereby defeating its value proposition. But even then, without brand new large deposits, the gold supply has been growing at 1-2% per year since the early 1900s. 

With the combination of an immutable ledger, a fixed cap supply of 21 million and the difficulty adjustment, we know exactly how much bitcoin there currently are, and we can predict the supply rate into the future with near pinpoint accuracy. Something that has previously not been possible. 

Chapter 2 - Section 4: Public/Private Key Cryptography

Key Questions Answered:

• What on earth even is a bitcoin?
• What is a Private/Public Key Pair
• What are bitcoin addresses?

So far, we have looked at the functionality of the blockchain and introduced the concept of distributed ledger technology. As a result, we should now have an understanding that within the Bitcoin Ledger exists a record of who owns what and that each new block updates the current state of ownership, that is, the transactions that occurred since the last block. Let’s now focus on ownership and the sending and receiving of bitcoin.

Once again, we try not to get too technical and attempt to remove as much jargon as possible. At the same time, the truth is that this is a deep and complex topic. We will, therefore, do our best to provide the information needed for a deeper understanding of what Bitcoin is and how it works without trying to give you a dual degree in computer science and cryptography!

What on earth even is a bitcoin?

One of the biggest misconceptions surrounding Bitcoin is that people liken it to some type of file, such as a JPEG or an MP3, believing that when we send bitcoin, we’re simply sending this JPEG or MP3 to someone else. You are also not alone if you view it as a digital coin you store on your computer, since this is how bitcoin is often portrayed in mainstream media. With this in mind, let's explore what bitcoin really is and how we transact using it!

Figure 2.41: Bitcoin, Often Misleadingly Portrayed As Coins

Figure 2.42: The Latest Bitcoin Transactions

When we log into our digital banking platform, we see all our accounts and the money in each one. It can be hard to believe, but this money is not linked to physical currency stored in a vault for safekeeping. Instead, the bank operates a central ledger which tracks how much money the bank owes to each account. When you send money to another person, nothing physically changes hands. Instead, money is debited from your account and credited to your friend's account. This transaction is then added to the bank's ledger, updating our balances. 

Fun fact: When you deposit money in a bank account, the money becomes the property of the bank. The account balances shown to you are simply an ‘IOU’ or a promise to pay you back (providing they have the funds or nothing else prevents this, such as government intervention!).

One of the roles of the bank is to ensure that only you, the account owner, have access to and can spend your funds. That means that if the bank suspects a transaction to be fraudulent or that we are not the true owner of the account from which we are trying to send money, they can freeze or even reverse the transaction. 

In terms of the ledger, Bitcoin works in a similar way. When we send bitcoin to a friend, a new transaction is generated, updating the Bitcoin ledger. This transaction debits bitcoin from our account and credits bitcoin to our friend's account. Nothing tangible is exchanged. Instead, this new transaction has updated each of our balances. Bitcoin is simply a distributed ledger of records that keeps track of who owns what. Where Bitcoin differs is that there is no reliance on banks or trusted third parties.

This brings up the question: if we remove the banks and other third parties, how do we ensure that people can only spend their own bitcoin? This is where the power of cryptography comes in.

Bitcoin Addresses

Public Key

*We will simplify the receiving of bitcoin down to the public key. However, as we will explore in time, this isn’t necessarily accurate as to receive bitcoin, we must provide something known as a public address– a hash of our public key. So don’t get too bogged down by public keys.

If we want to send money to a friend through our traditional banking system, we need to know their bank account number. Think of their bank account number as an address we can use to send the money. Bitcoin is no different. When we send bitcoin to a friend, we need to know their bitcoin address. This address is known as their public key.

Just like a bank account number, knowing someone's Bitcoin public key doesn’t allow us to do anything with the funds inside this address/account. The only thing we can do is send bitcoin to this address.

Where a Bitcoin address differs from a bank account number is that knowing someone’s address allows us to look it up on the Bitcoin Blockchain and see how much is stored at this address. However, since no names are reflected on the blockchain, it is impossible to determine who owns that address unless the account owner lets us know they are the owner. This makes the Bitcoin ledger pseudonymous rather than anonymous. For this reason, performing an illicit activity using Bitcoin is not a good idea, as every transaction is recorded forever. If the identity of the account owner becomes known at any point in the future, all their transactions will be visible for the world to see. There are ways to improve privacy once you understand what you are doing, but that is outside the scope of this book.

Private Keys

You’re probably thinking, “Ok, I understand if I give someone my public key, I can receive bitcoin, but how do I send someone bitcoin?”

This is where the private key comes in. You can liken a Bitcoin private key to an internet banking password. If our friend gives us their bank account number, we can’t do much except send them money. However, if they give us their bank account number and internet banking password, we can go into their account and start spending their money. Just like you wouldn’t give anyone the password to your internet banking, you should NEVER give someone your private key. 

To drive home the message, if someone manages to obtain your internet banking password and therefore account access, as mentioned above, the bank could freeze or reverse the transaction if they believed the transaction to be fraudulent. This is because your bank account is connected to you as an individual and the bank has some degree of responsibility to ensure fraud is minimized. When you signed up for the account, you had to provide your identification and sign several documents. 

This is not the case for bitcoin. Anyone can create a bitcoin address at any time and have money sent to that address. The only thing that makes you the owner of that address is that you hold the private key, which gives you the right to spend the corresponding bitcoin. However, if someone else gets hold of this private key, they too can spend that bitcoin, and, unlike our traditional banking system, there is no way to freeze or reverse a transaction. To reiterate, NEVER share your Private Key with anyone. 

So… what exactly is a private key? 

Simply put, it is your password to your funds in the form of a massive unique number, a number so large that even if every computer on earth²⁷ tried to guess your password, it would still take an unfathomable amount of time. The number is so large that it is comparable to the number of atoms in the universe.  Guessing a private key is akin to finding that one atom in the universe or winning Powerball 9 times in a row! While we can’t say it’s impossible, it is highly, highly improbable. 

And, just like no two atoms are the same, no two private keys are the same. Each is completely unique. 

A private key is a 256-bit binary number. In other words, it is a string of  256 ones and zeros. This can be represented in binary format, decimal or, more commonly, hexadecimally. Although we have previously introduced these concepts while exploring mining, here are some more examples. 

Below is the same randomly generated private key in Binary, Decimal and Hexadecimal format. (No, there is no bitcoin assigned to this key, trust us, we looked)

Binary:

1101101001000110101101010101100111110010000110110011111010010101010110111011000110010010010111001001011001001010110001011100001110110011110101110010111111100001101111110011011101000111011010100001000001001011000011100111001110010110000000100111101101100101

Decimal:

98729131926707364344155946614204368554393612909660450514900410658357640330085

Hexadecimal:

DA46B559F21B3E955BB1925C964AC5C3B3D72FE1BF37476A104B0E7396027B65

If this is confusing, you could liken each representation of our private key to a different language. You could say, “hello, hola, bonjour or asalaam alaikum.” While some are longer than others, they all mean the same thing. With this in mind, you might notice that it is more convenient to represent a private key in hexadecimal format, as it uses fewer characters to represent the same data. 

What's more, as a copy of the blockchain is data stored on every node that chooses to run it, the developers always look for the most efficient way of representing this data to minimize data storage requirements. 

“Wait, so are you telling me that the hexadecimal number above is my password? How can I remember that?” We agree that even in its simplest hexadecimal form, it is doubtful you’ll be able to remember your private key. With this in mind, you can convert any private key into what is known as a seed phrase. Again, this is just another representation of the same private key.

Seed Phrase:

vessel catch dilemma club armor alley lumber donor twin divide account globe

These words are known as BIP39²⁸. What's interesting to point out is that these words are not random. When converting your private key into a seed phrase, there are a total of 2048 potential words that can make up your seed phrase (private key), with the first four letters of each word being unique. Therefore, if you wanted to, you could simply write down or remember the first four letters of each word, although this is not generally recommended.

Fun Exercise: Get a coin, a pen and a piece of paper. Allocate 1 to heads and 0 to tails. Flip the coin and write down the result. Repeat this 256 times. Congratulations, you just created your own randomly generated Private Key. To start using this private key, you just need to create a public key. That's a little harder… but still possible with some complex mathematics. We’ll save that for another book.

What makes Bitcoin unique is the ability for anyone to create their own Bitcoin public and private key without the need for any trusted third parties or banks. What's more, you could then memorize your private key and have bitcoin sent to your public key, and there is no way for anyone to know you are storing monetary value in your head. This is what makes Bitcoin incredibly resistant to seizure and theft. Your bitcoin does not exist in the physical realm. Instead, it is pure information and can be stored in our memory if needed.

Now that we have explored the public and private keys, let’s look at how they are linked. This is known as the public and private key pair.

Public/Private Key Pair 

For Bitcoin to be useful, we need both a public and private key pair. The public key allows us to receive bitcoin, and the private key enables us to spend our bitcoin. 

To create this pair, we must start with the private key. As explained above in the “Fun Exercise,” it is easy for anyone to create a private key if they prefer to tinker rather than rely on their wallet to do the heavy lifting. However, creating the public key is a little harder, as it is derived from the private key and involves some complex mathematics. This math is called Elliptic Curve Cryptography. This is far outside the scope of this book, but for simplicity, think of elliptic curve cryptography as a hash function of sorts. You start with a value, in this case, a private key. You then perform a series of complex equations, and out pops your public key– a private key goes in, and a public key comes out.

The beauty of the public/private key pair relationship is that through cryptography, we can easily confirm whether a transaction is legitimate or not. You could liken this to a credit card transaction. Say we want to purchase something in a store. Traditionally, we would have to sign the transaction receipt to verify we are indeed the credit card owner. The teller would then check our signature against the signature on the back of the card to confirm we are who we say we are. The teller would decline the transaction if we couldn’t replicate the signature. This is similar to Bitcoin except for three caveats:

1. To forge the signature, you must guess the 64-character hexadecimal private key (or the 12 or 24-word seed phrase). That's a lot harder than forging a handwritten signature.
2. When we sign for a credit card transaction, we reveal our signature. In the case of Bitcoin, anyone can confirm the authenticity of the signature without revealing their private key through something known as a zero-knowledge proof.
3. In the example of the handwritten signature verification, we are relying on the discretion of the person comparing the two. With public/private keys, we rely on math and math alone. And Math doesn’t lie. 

Moreover, when we digitally sign a transaction to prove we’re the owner of any funds, every node on the network automatically checks the transaction's legitimacy. If the signature does not match the public key, the network rejects the transaction. 

Tying everything together, by deriving a public key from a private key, we can have people send us bitcoin without giving them access to our bitcoin. Knowing the public key does not unlock the ability to spend the balance held under the public key. Thinking back to our banking analogy, in this case, we have created a bank account number from our password, and these two are inextricably linked to one another using cryptography. 

Got it? Not so fast… Our computer science friends discovered there might be a case where a computer may be able to crack this public/private key relationship. Hence, they added one more piece of protection to further encrypt the public keys, known as public addresses.

Public Addresses

Previously, we introduced the idea that if someone knows your public key, they can look up your bitcoin balance. Most people would agree that this is less than ideal. If Jack sends Jill 0.25BTC for a used car, Jill can look up the transaction details and see Jack's sending address. Jill can see Jack’s entire history and balance in a few seconds. Surely Jack would want some privacy? We could just create a new public/private key pair each time we want to send/receive money. But this would be a nightmare. That's like opening a new bank account each time you wish to transact. 

Here’s where Public Addresses come in. 

You now know that a public key is derived from a private key via complex mathematics. Similarly, public addresses are derived from our public key using another hash function. And, from our public key, we can generate as many public addresses as we like. To clarify further, here is an example.

Think of your home address as your Public Key. We don’t want everyone globally to know our home address (public key) for security purposes. We, therefore, head over to the post office, show them our home address and open a PO Box (public address). This way, we can give out a PO Box address instead. Now imagine a world where every time we want to give out an address, we can easily and instantly open a PO Box address to receive any incoming mail. Since all of these PO Boxes are tied to our home address, our private key can access each of these PO Boxes. People can look inside the PO Box address they are given, but they can only see what is in that address. They cannot see all our mail (transactions and balances) as we have not given them our home address (public key).

And that is how the public address system works. 

*Don’t worry if this went over your head. All the details around public address generation are managed by the bitcoin wallet (software) you use to store your keys. 

Side Note: It is common to see Public Addresses use a combination of upper and lower case letters alongside the numbers 0 through 9. Similar to base 16, which we introduced in the section on mining, this is another number system that reduces the number of characters needed and is known as base 58. Figure 2.43 shows the conversion from decimal to base 58. You will notice that some characters are omitted, such as the number 0 and the upper case O. This eliminates ambiguity and transposition errors. 

Figure 2.43: Base58 to Decimal Conversion Chart

Section Summary

Whoa, well done, that was some deep stuff! Public/Private key cryptography really is an engineering marvel that makes this technology possible. This form of cryptography is locking up and protecting billions and, at times, trillions of dollars worth of value and personal wealth. Although complex, it is needed to provide the utmost security. 

Next up, we will explore the ledger in detail. Get ready!

For further readings, we highly recommend:

“Public & Private Keys” - Arman the Parman

“Bitcoin Private Key” - Delton Rhodes

“Can I derive the private key from the public key?” - Prof Bill Buchanan

Chapter 2 - Section 5: The Ledger

Key Questions Answered:

• What is a ledger?
• Why does Bitcoin use a ledger?
• How does Bitcoin solve the double-spend problem?

So far in this chapter, we discussed mining, the supply and public/private key cryptography. Now we are going to explore where value is stored, the ledger. 

What is the Bitcoin ledger?

The Bitcoin ledger is simply a list of pseudonymous transactions. It is pseudonymous in that it does not carry any personal information regarding the sender and receiver, only the transaction and address information. What is fascinating is that on this ledger, we can see the details of every bitcoin in existence and every movement of each bitcoin since its inception. 

Through this chronological list of transactions, we can determine who owns what. As discussed earlier, the ledger is kept current by the miners and nodes continuously updating and monitoring it. Each time a new block is added to the blockchain, the ledger is updated to reflect any new transactions. 

Facts (As of May 2022)

1. Since Bitcoin's inception, there have been over 965,000,000²⁹ addresses created and used.
2. Currently, there are 40,276,163 bitcoin addresses with a balance greater than 0.
3. Figure 2.51 is a chart from January 2021 that details how many addresses are in each cohort of wallet size. For example, there are 22,000,000 Shrimps (Wallets holding less than one bitcoin).

Figure 2.51: No. of Wallet Addresses By Size³⁰

Why does Bitcoin use a ledger?

In general, there are two different ways to store value: 

A Token (Physical): A tangible item of value that we can physically interact with and exchange. 

A Ledger (Informational): A record of a sequence of events which allows us to determine who owns what.

In day-to-day life, we interact with both tokens and ledgers. For instance, when someone walks into a coffee shop and purchases a cookie, they could pay with cash (a physical token of value) or a credit card (an informational ledger of who owns what). If they choose cash, they hand over the cash to the teller and receive the cookie. They no longer have the cash, and the teller no longer has the cookie. 

Alternatively, they could pay by credit card. If so, nothing physical is exchanged. Instead, a new transaction has been recorded on a ledger, debiting the purchaser and crediting the coffee shop, ultimately updating the location of value on the ledger. In both situations, value has been exchanged. However, in one instance, value has been exchanged in the physical realm (cash) and the other in the digital realm (credit card).

This example shows that for value to be exchanged in the digital realm, there has to be a ledger of records indicating who owns what. For this reason, tokens do not work in the digital realm. Without a ledger, there is no way to confirm ownership of value. Why? There is no way to prove the token has not already been spent, copied or duplicated, such as our picture of a sunset example in “The White Paper.” I could quite easily tell my friend I am sending them the only copy of my sunset picture, only to have duplicated it before sending it. It is for this reason that digital scarcity is so hard to achieve. This is known as the double-spend problem. But, more on that in a second. 

For now, what should be evident is that tokens work best at representing the exchange of value in the physical realm, whereas ledgers are the best means of recording the exchange of value in the digital realm. This explains why Bitcoin uses a ledger to record who owns what.

The double-spend problem

Due to a token's tangible nature, there is no need to track its history. Its value can only be in one place at any one time. Whereas, for digital information to exist in only one place, it must be deleted from the original owner once it has been moved to the new owner. This begs the question, how can one be certain digital money has not been copied and will not be re-spent? 

For something to retain value in the digital realm, we must keep track of its movement. This is achieved by using a ledger– a detailed record of events. This allows us to determine the location of value, or in other words, who owns what at any time. However, it is also crucial that the order of events is accurate. This seems simple enough, doesn’t it?

The Issue of Trust

A ledger is a list of transactions detailing the location of value. If we change the order or alter the record of transactions, we can change who owns what. Therefore, a ledger requires trust. We must be able to trust that the order of events is immutable– cannot be changed. 

This may sound confusing, so let's build on the cookie example above. Let's say this person above stole the credit card. The owner of the card, while checking their card statement, notices this unknown transaction, calls up the credit card company and reports the transaction as fraudulent. In response, the credit card company reverses the transaction, changing the record of events on their centralized ledger. It is as if the event never happened, except the coffee shop is now down a cookie and has nothing to show for it. 

Now, what if you were the coffee shop? How would you feel? It is not your fault that someone stole a credit card and purchased something in your shop.

If the thief had stolen a wallet, paying for the cookie with cash, there would be no way to reverse the transaction as there would be no reversible ledger record. Therefore, we can conclude that in the physical realm, the transaction is final. There is no need for trust. 

However, in the digital realm, the transaction is not final. Since the transaction is just an event recorded on a ledger, the record can be altered, changed, or reversed if a central entity controls this ledger. Not good!

What have we learnt? Centralized systems can rewrite their version of history.

So, although we have solved the double-spend problem through the use of a ledger, when we have to rely on third parties to manage the ledger, we are still faced with the issue of needing to trust those centralized entities to determine and maintain the true state of the ledger. 

Back to the drawing board…

How can we prevent double-spending or someone rewriting history in a decentralized manner so we don’t need to trust anyone? It’s harder than it looks, although, with everything we have covered so far, we now have all the pieces to the puzzle!

How does Bitcoin solve the double-spend problem?

Without going back over too much ground, let’s piece together how Bitcoin achieves trustless decentralization while at the same time removing the potential for a double-spend.

Public/Private Key Cryptography

Through the use of public/private key cryptography, only the owner of the bitcoin can sign for and send transactions. This prevents miners from altering transactions to their benefit. If they were to attempt to alter the transaction, it would no longer be valid and would be dismissed by the network of nodes.

Blockchain

Through linking together blocks via the “Previous Block Hash” and creating a blockchain, two things are achieved:

Transaction Finality

If a nefarious miner decides to go back and alter a block in the chain, they'd have to mine the altered block, and subsequent blocks, faster than the entire network is mining blocks until their chain is longer than the main chain. This means the bad actor would have to expend the equivalent energy it took the entire network of miners to build the original blockchain. Therefore, it is essentially impossible for any miner to go back and alter the blockchain due to the time, energy, cost and challenge of finding enough hardware to do so. 

For this reason, Bitcoin is described as having transaction finality, a.k.a immutability. Once a transaction has been added to a block and appended to the blockchain, it is final as it’s near impossible to reverse/alter, unlike our centralized credit card example above.

Chronological Order

Order is a necessity when keeping a ledger of transactions. We know the order of transactions via the sequence of blocks. By linking one block to the next, we have a verifiable chronological record of history. This, combined with transaction finality, means we have an indisputable and immutable history of events.

Miners and Nodes

As our transaction is processed by a random miner in the network and is then verified by every node on the network, we do not have to put any trust in any single entity. We have a trustless, decentralized system. Everyone in the network keeps everyone else honest. As a miner, when you are the lucky one appending your block to the blockchain, there is no incentive to try to alter or cheat the rest of the Bitcoin network, as your changes will be disregarded, and you will lose the block reward. 

Section Summary

Piecing all the above together, we have a finished puzzle of how Bitcoin solves the double-spend problem. Through the use of distributed ledgers, blockchain technology, miners, nodes and public/private key cryptography, for the first time in history, we have a decentralized, chronological, constantly audited and immutable record of who owns what.

For further readings, we highly recommend:

“Bitcoin is Time” - Dergigi

Chapter 2 - Section 6: UTXOs & Transaction Fees

Key Questions Answered:

• What is a UTXO?
• What are transaction fees?
• Why do transaction fees increase when more people transact?
• What do transaction fees have to do with UTXOs? 

So far, we have thrown a lot at you, keys, blocks, hashing… all heavy stuff. But, there are two more important subjects we want to touch on before moving on to chapter three. These are Unspent Transaction Outputs, UTXOs for short, and transaction fees.

What is a UTXO?

As discussed previously, the Bitcoin ledger contains a chronological list of every transaction since inception. This allows us to determine who owns what. However, unlike a traditional ledger with credits and debits, where our wallet balance is the sum total of all credits and debits, Bitcoin uses something called a UTXO model. Our wallet balance is the sum total of all unspent transaction outputs we have received but have yet to spend. This may sound confusing, so let's break this down.

Any time a bitcoin transaction occurs, it uses UTXOs to track ownership and balances.

Suppose we open our traditional physical wallet, and inside is a $5 bill and a $10 bill– money we have received at some point but have not yet spent. These two bills can be thought of as two unspent transaction outputs. Combined, these UTXOs give our wallet a total balance of $15.

Every Bitcoin transaction is made up of inputs and outputs. These Inputs consume existing UTXOs, while outputs create new UTXOs. 

Let's say we want to purchase a burger for $11. Clearly, we do not have the exact change for this burger as we only have one $5 and one $10 bill. The transaction would, therefore, consist of the inputs, a $5 bill and a $10 bill. These UTXOs will now be consumed, and we will be given outputs in return. The restaurant receives a new $11 bill, and we receive a new $4 bill. Our wallet balance now contains a new UTXO of $4, and the restaurant contains a UTXO of $11.

What's important to note is that the total inputs have to equal the outputs, and UTXOs cannot be broken down into smaller denominations. They have to be consumed in full, just like with dollar bills. We can't just chop up our $5 bill into a $4 and $1 bill, giving the restaurant one $10 and one $1 bill, keeping $4 for ourselves. We have to consume our two UTXOs of $5 and $10, creating two new UTXOs of $11 for the restaurant and $4 for ourselves. 

What Are Transaction Fees?

To transact on the Bitcoin network, we must pay transaction fees. These fees compensate the miners for expending energy to process our transactions. 

However, unlike PayPal, which charges a flat fee of 2.9%, Bitcoin transaction fees may vary based on the network congestion and the digital size of the transaction (as opposed to the amount of value it represents).

The more people using the network, the more costly it is to transact and vice versa. You could liken this to Christmas shopping. If we wait until Christmas eve to shop, we’ll have to face congested roads and stores, increasing the time and energy we have to expend to complete our shopping. On the flip side, if we shop outside of the holiday season, the roads and stores are quieter, leading to reduced time and energy consumption.

Additionally, when we send a bitcoin transaction, we can usually select how much of a fee we wish to pay. The more we pay, the faster our transaction will be processed. 

If we desperately need to send 500,000 satoshis across the globe to El Salvador, we can increase our transaction fee to better our chances of it being included in the next block. 

Alternatively, we can set a low transaction fee if we're not in a rush. It may just take a while for our transaction to be processed, as we'll be waiting for network demand to decline to where our transaction fee is acceptable. This is because miners often prioritize transactions with higher fees to maximize revenue. The higher the fee, the higher the priority given.

This raises the question, why do transaction fees increase when more people transact?

Simply put, each block has a maximum size, or in other words, limited space for transactions.

Bitcoin transaction fees are charged in sats per virtual byte– the more space a transaction takes up, the higher the fee. This is a powerful concept to understand. The size of transactions varies based on the complexity of the transaction. This includes things like the number of inputs (UTXOs) that make up a transaction. 

This fee structure differs from traditional payment rails, which usually charge a percentage fee– the more value you send, the higher the fee. Whereas with Bitcoin, the transaction fee for sending 10,000 bitcoin may be the same as sending 0.00001 bitcoin. 

What’s more, if the transaction fee is still too much, you can use technology built on top of Bitcoin, such as Lightning, for almost instantaneous transaction time and fractions-of-a-cent, if not zero, transaction fees.

What do transaction fees have to do with UTXOs? 

If you recall above, total UTXO inputs must equal the UTXO outputs. When we send a bitcoin transaction, we must have a sufficient total balance held within the UTXOs in our wallet to cover the transaction + the transaction fee. 

Suppose we want to buy a cup of coffee for 4000 sats, and our wallet tells us it's currently 100 sats for the transaction fee. For us to be able to proceed with the transaction, we must have a minimum of 4100 sats in our UTXOs.

Lucky for us, we checked our wallet, and we have a balance of 5300 sats, made up of one UTXO for 1000 sats, one for 2000 sats and one for 2300 sats.

If we went ahead with the transaction, the input for the transaction would look like this:

1. UTXO for 2000 sats 
2. UTXO for 2300 sats

And the output for the transaction would look like this:

1. A new UTXO for 4000 sats to pay for the coffee.
2. A new UTXO which includes our 100 sat transaction fee + the block subsidy and all the other transaction fees in which the transaction was confirmed.
3. A new UTXO for 200 sats that we received back, which is the change from our original 4300 (2000 + 2300) sats minus the 4000 sat coffee, and 100 sat transaction fee.

Notice how we never used our UTXO for 1000 sats? This is because there was no need to include it in the transaction. Our UTXOs for 2000 and 2300 covered the cost of our coffee and the transaction fee. 

When we use cash, we choose the bills we’d like to use. Whereas with Bitcoin, our wallet software decides which UTXOs are used in a transaction. With the software designed to optimize the use of our UTXOs for efficient data management. This way, our wallet will use the least amount of UTXOs to conserve data usage since fees are charged based on data usage, not the transaction amount.

If you want to get fancy, many wallets offer UTXO user management these days. That way, you can decide which UTXOs to use in a transaction.

Section Summary

With chapter two under our belt, we have now explored the underlying processes that make the Bitcoin network the unique technology it is. In the next chapter, we will move away from the technicals and dive into the participants involved in bringing Bitcoin to life.