Bitcoin: The First 5,000 Days
This guide hopes to explain what Bitcoin is and why it matters. It’s designed to have as little “cheating” as possible with the explanation, and so it covers all the major concepts that allow Bitcoin to function with no skipping.
Note: I’ll be using Bitcoin to refer to the Bitcoin network, and bitcoin to refer to actual bitcoins.
But before getting to Bitcoin, we’re going to cover how money itself works, and how that ties into Bitcoin and its place in the world. It’s important to note that the monetary history I’m about to go through is not the real history: it’s a simplified model used by economists. It’s broken into discrete stages, and is designed to to show you how money can go from something concrete to something abstract.
Where’s the money?
So back in the day, when digital was still related to fingers, we had barter. Barter was a system where people who had stuff that each other needed simply traded those items.
This system has a couple of practical problems, though. The first is that in order to work, both sides needs something they want, which the other has. Economists often call this the “double coincidence of wants”.
Then there’s the problem of comparing items. How much of your bag of sugar is equivalent in value to some other guy’s bag of cinnamon? And let’s not even get started about what would happen if you wanted some beef, and how you get enough people together to justify killing a cow and cutting it into pieces. Veganism hadn’t been invented yet.
The solution to this mess was the very first kind of money: commodity money. Commodity money is money that has inherent value as a commodity. Or in words that aren’t just the name written in reverse order: it’s something that’s useful all by itself, to pretty much everyone. Ideally it’d also be something that’s quite small or easily divisible, fairly portable, and able to be stored for a long time. Corn’s a good example, and was one of the first things used for this. Edible money, just think!
This idea of commodity money was independently invented all over the world at various points. In fact, in certain circumstances it’s still used today — for example in prisons. Prisoners can’t really deal with money internally, and so often form shadow economies based on cigarettes. Small, easy divisible, long shelf life. It’s also the only case where your money going up in smoke is considered a good thing.
Commodity money has the advantage that you can use the commodity as your base unit and define everything else relative to that. This makes it much easier to keep track of the going rate of certain items by thinking in terms of, say, bags of corn. Although there’s now an additional problem of having all your corn in one basket. Say there’s a bumper harvest next year, or enterprising young farmers start growing a lot more corn, then the value of your corn is going to drop. Although similarly the opposite is also true.
This commodity money system lasted a really long time. It was only in the 18th century (by which time the commodity was silver) that it was replaced by representative money in Europe and the USA. Representative money differs from commodity money in that it uses tokens that act as stand-ins for a commodity. These tokens are usually things like coins, or later notes. Now instead of lugging around bags of corn people can trade tokens which represent X bags of corn.
The idea is that at any time the tokens can be swapped for the underlying commodity. So when someone pays for something using these coins, what they’re really saying is: “I wouldn’t mind trading X amount of corn in exchange for that sweet sweet cinnamon”. The commodities themselves are stored in bank vaults, and a bank note was essentially an IOU that could be theoretically exchanged for the agreed amount of the underlying commodity. If you have a Ȼ10 note from the bank of corn, at any point you can go to that bank and swap it for 10 bags of said corn. But why would you? Nobody needs that much corn.
This system of representative money lasted a couple of hundred years in the West, with gold and silver commonly being used as the underlying commodity (e.g. The Gold Standard). But eventually it fell out of favour, in a move that Ron Paul has been complaining about ever since. He’s probably that old.
The replacement for representative money is fiat money. Fiat money is not backed by any commodities and has no intrinsic value. It’s really only money because the state says it is, and you just have to go along with it. If you think that all sounds a bit 1984, you’re wrong it was actually introduced in 1931.
Whether or not it’s a good idea to create money out of thin air is an argument for another article, but one advantage is you don’t have to keep giant vaults full of gold. It’s also really hard to rob a bank when there’s not actually any money in it. Which seems unfair as the banks are still very much robbing you.
Fiat currency was a big step up in terms of abstraction. Commodity money is still reminiscent of barter in the sense it still has an intrinsic value. You know someone somewhere will be happy to exchange for it because they can make direct use out of it. The fact it’s also an agreed-upon reference point for setting prices is just a nice bonus. Representative money is still backed by a commodity, and so it’s just a single level of abstraction higher to make things easier. You no longer have to store the commodity yourself as that can be done by the bank. But fiat involves inventing money out of nowhere, and it can’t be traded for anything unless everyone closes their eyes and agrees it’s real. It’s a legal fiction.
Now, before getting to Bitcoin itself we have one more concept to explain: exchange rates. What we’ve talked about so far makes sense in terms of a single economy, but what about trade? With fiat not being backed by gold, why would you trust denominations from another currency when you can’t go and exchange it for something real that has tangible value?
The answer is that there are lots of currencies, which are being exchanged all the time. In an exchange you’re giving away one currency and in return receiving another one. So say you spend some dollars in exchange for bitcoins, it can be seen as you preferring bitcoins to dollars, which collectively gives Bitcoin a value relative to the dollar. So just as long as people are willing to exchange their dollars for bitcoins, or Euros for bitcoins, or monopoly money for bitcoins, then Bitcoin itself has value in much the same way that you can become cool by association.
Now we have a broad understanding of how an abstract notion of money can exist in the world. So given that it already exists, what makes Bitcoin new?
Money 2.0
Bitcoin was created to be a peer-to-peer payment network. Or in the same words backwards, it’s a network made up of peers trading directly with other peers. In English, what that means is it’s designed to behave exactly like normal cash does. It’s cash, but on the internet. So like using coins, but for the world of bits and bytes.
You may think you can already spend cash on the internet, but formally speaking you can’t. The fact cash is physical means when you spend it, that’s a direct transaction between you and the seller. Any record of that transaction would be down to the seller to make, and the only thing they really know about you is vaguely what you look like and the fact you paid in cash.
But on the internet, when you spend money it goes through banks. This is how things are kept track of. If you pay for something on your debit card, your bank deducts from the balance of your account, then tells the other party’s bank, which increases the balance of their account. Everything runs via a centrally agreed system.
So Bitcoin exists to cut out that middle man. It allows direct transactions with other humans without any banks. This directness has several advantages: there’s no single third party who might introduce additional fees, or block the transaction, or keep a paper trail of your purchasing habits.
It also has an advantage over cash: it’s not state controlled. Fiat money is an imaginary concept guaranteed by the state. That means the value of the money is tied to that state in various ways, and if the state is doing badly then so is your money — see Zimbabwe. The state can also mess with your money directly by, say, freezing your accounts. You’re basically trusting them not to, and why the heck would you do that — do you not read the news?
Now I’m sure at this point a few questions spring to mind. If there’s no central authority, how does it work? Digital is different from physical; what’s to stop you spending the same cash over and over? If it’s all imaginary, then how is it comparable to real currency? Great questions, me!
Bitcoin is run as a network. I’ll explain exactly what network means in this context later, but it’s important to note that the network started off as one man. As time passed more and more people joined this network. The thing with fiat currency is it’s only as legitimate as people think it is. If only one person uses a currency then it’s not a real currency, because there’s no trade. And if we remember where money came from: its whole purpose was to make trading things easier.
So a currency is only useful to the extent in which people are comfortable using it for purchase. Lots of people decided they quite liked trading in Bitcoin, and so its legitimacy as a currency increased. Eventually even more people decided they wanted in, and created infrastructure such as exchanges. And the minute people are prepared to exchange amounts in your made up currency for amounts in proper currencies, then your currency becomes as real as any other. After all, it has an exchange rate!
So sure, Bitcoin is cash for the internet, but why do people even need cash for the internet in the first place?
But why Bitcoin?
There are two main things Bitcoin offers that your bank doesn’t: anonymisation and decentralisation.
Anonymisation means that there are ways to trade bitcoins without ever revealing your identity, which is a very desirable trait for people engaging in certain types of business. I know Bitcoin has had a lot of bad PR for being used by drug dealers, but they are far from the only users. There’s also arms dealers and hitmen.
Note: Bitcoin isn’t actually a truly anonymous currency. If the person who gave you your bitcoins knows your identity, then they can track your spending of those coins. So to be truly be anonymous, you’d need to ensure you acquired your bitcoins anonymously, and never revealed your identity while spending them. There are cryptocurrencies that offer far stronger anonymity guarantees, like Monero.
Decentralisation means Bitcoin is outside of state control, which along with meth heads is also valued by people who distrust the state in general — even if they’re conducting legal business. Think about that guy that keeps all his cash under the mattress. Bitcoin is for him.
As a new currency, Bitcoin started off with a really low level of trust. However, with an initial level of momentum from within tech circles and impressive sounding claims, it presented a great opportunity to certain types of investors. Also, without the need for intermediaries, such as banks, the cost of transferring money is much lower (in theory). I think it also helped that it came at a time when fiat currencies were the norm. Sure you can say “but it’s just imaginary!” but at this point so is every other currency — Bitcoin just happens to offer some mathematical guarantees on top.
I think finally we’re ready to get to the ingenious part of Bitcoin — how it actually works as a decentralised currency. The big problem it needs to solve is that without a central system you need a mechanism to both create new bitcoins, and track the spending of those bitcoins.
With a centralised currency it’s easy: you have a central mint print new currency, and allow the banks to pull a certain amount of money out of thin air, using the central bank to track transactions between the banks. But Bitcoin doesn’t have any of that, so how the heck does it achieve the same thing?
Block party
At the heart of Bitcoin is the blockchain. The blockchain is a massive public ledger that contains every bitcoin transaction ever. That is to say a record of every time a bitcoin changes hands. Bitcoins are actually ridiculously divisible (you can send a % of a bitcoin up to 8 decimal places). This ledger is how Bitcoin prevents people from spending the same coins more than once.
The blockchain is represented as data readable by a computer. Anyone can gain a copy of this data — you can quite literally download the entire thing and review every single transaction (assuming you have several centuries worth of free time). As there’s a central ledger the next logical question is: how is it administered if no one person is in charge? This is where the network and mining comes in.
The Bitcoin network is how we manage this central ledger in a decentralised way. Lots of computers run special software on them that help keep track of the ledger. Bitcoin has what’s called a protocol, which is basically a set of rules used to work with the blockchain. Because no one person is in charge and the rules of the language are available for anyone to read, anyone is free to create their own software which speaks Bitcoin. These pieces of software are called wallets, and there’s a range of different ones available.
If the software speaks the Bitcoin language, then it can interact with the Bitcoin network. That’s the only stipulation, and is a bit like how if you want to talk to the English you need to be able to speak English too as we’re inordinately proud of our inability to speak anyone else’s language.
Just like a real language, and unlike French, the Bitcoin protocol is run democratically. It does change over time, but for it to change everyone has to agree on the changes. When changes occur, this is called a fork. Most of the time, after a fork everyone updates their software to speak the new version of the protocol, and everything is fine.
However, if, for whatever reason, not everyone agrees on the changes, the entire network can end up being split between the old speakers and the new speakers. This split results in two different blockchains, and hence two different currencies. A bit like how there’s Spanish and Portugese.
This has actually happened with Bitcoin at least once. The first time resulted in Bitcoin and Bitcoin Cash, which are similar but separate currencies.
So Bitcoin hinges on the blockchain, the central registry of all the transactions. Every time you want to spend a bitcoin that transaction has to make it onto the blockchain. It’s called a blockchain because it’s split into conceptual blocks, with new blocks (groups of transactions) being added at regular intervals.
You essentially say “I want it on record I gave x the amount y” and that transaction is put in a pool. Transactions in that pool are grouped to create a block. And that block is then added to the blockchain and your money is spent. It’s the job of the network to ensure your transaction ends up in a block and on the blockchain. How does it do that? It does so via a process called mining.
Mine your own business
Mining makes sure transactions make it onto the blockchain intact, and that nobody is able to tamper with the transactions or cheat the system.
Much like real mining, it’s long and difficult work. And so also much like real mining, an incentive is provided for conducting it: bitcoins. Mining is how new bitcoins are created, and they are given as a reward for helping verify new transactions and adding them to the blockchain.
The reward for mining is determined by the protocol aka the rules of the network. It’s democratically decided, although in practice the rules regarding this were set by Bitcoin’s anonymous creator Satoshi Nakamoto, and so far everyone has stuck with them. Satoshi decided that there should only ever be 21 million bitcoins.
He set the system up so that every time a new block is added to the blockchain, a reward of 50 bitcoins would be given out. A new block is added approximately every 10 minutes, for reasons we’ll see later. This reward has changed over time, specifically by halving every 210,000 blocks¹. If we keep up the way we have been, and the rules aren’t changed in the interim, the result of this is that the very last bitcoin will be mined around the year 2140.
On top of this intrinsic reward, miners also get paid by the people spending bitcoins. When you spend a bitcoin you set up a transaction, and as part of that transaction you can specify a “mining fee”, which goes to the miners as an additional reward for adding your transaction to the blockchain. This fee can be anything, and in practice the market rate is based on how many bitcoins you’re spending, and how many other people are spending at the same time. The higher the fee you pay, the more of a priority your transaction will be taken as, and the faster your transaction will be processed. After 2140, this mining fee will be the sole method of compensation available to miners (assuming the rules do not change before then).
So in summary: mining is the system that both allows a decentralised ledger to exist by securely adding new blocks (group of transactions), and is also the source of all new bitcoins.
But how does one actually mine bitcoins?
Making a hash of it
At the core of the design of the blockchain is a concept called hashing. Hashing is not specific to Bitcoin; it has long existed as a concept in computer science.
Unfortunately how it all works mathematically is out of the scope of this piece. But at a high level, it’s a clever mathematical way of generating unique digital signatures for things. The key word here is unique.
The reason this is important, is that it allows us to guarantee the integrity of something. Which is to say: we can guarantee the contents of something hasn’t changed. We can do this by taking a hash of something, and then storing that hash away somewhere. Then if we ever want to verify whether or not the contents have changed, we just need to take a hash of it again, and then compare that with the original hash we stored. If both of the hashes are identical, then the contents must be the same.
Even the slightest change in any of the input completely changes the hash. For example, here’s the output of hashing 3 short sentences with the MD5 hashing scheme:
this is a hash = 5d59d36569272e0f4e11dea9b2b2e756
this is also a hash = 816ee66d91fde5cf22b714d4cf7db5f2
this is a hash = 6e1afdb7f7c456773345d796c0d4490c
You’d think the first and third hashes should be the same, but actually the third phrase is “ this is a hash” with a space before the “this”, which results in a completely different hash.
In practice, the claim every hash is unique can’t be true. Hashes are of a finite length. That means there exists a finite number of hashes. If you can put literally anything into them, then it stands to reason there must be at least 2 things that result in the same hash. And this is true! But the trick is to make it so that in practice you’d never stumble across two things that actually did result in the same hash — even if you were looking. This is done using fancy maths and by ensuring there’s a truly staggering number of unique hashes. MD5 is not used today precisely because people found an easy way to generate “collisions” (two separate inputs that result in the same hash). But more modern hashing systems are safe for now, and we can assume it’s not possible using today’s technology.
There are lots of different systems for generating hashes, but all of them have the property of striving for uniqueness of hashes, and most of them have the property that hashes are not only irreversible, but you can’t tell anything about what was hashed given only the hash itself.
Computer science uses hashes all over the place, but the one that probably has the most direct relevance to you personally is regarding passwords. When you sign up to a website with a username/email address and a password, the best practice is for that website not to store your password. That’s because if someone hacks into their servers, you don’t want them to have a big list of everyone’s passwords given how often people reuse passwords. So instead, the first thing the website will do is hash your password and they’ll save that instead. Then whenever you log in again, they’ll simply hash what you provide as your password, and compare that to the hash they have on file. If the hashes match, then you must have put in the correct password. This allows websites to have password logins without keeping around any of the original passwords. Clever!
Hash off the old block
Bitcoin uses hashing to ensure the blocks have not been tampered with. If you could tamper with blocks, you could add your own transactions and steal other people’s money.
Hashing ensures that if a block had been changed by anyone after the fact, you could easily detect it. How it works is every new block contains the hash (signature) of the previous block, forming a chain. A chain of blocks. If only we had a word for that.
Here’s a simplified representation in the style of a child who has just discovered MS Paint:
So to reiterate, if you wanted to verify the blockchain you can start at the very first block. You hash it, and then check that hash appears in the 2nd block. You then hash the second block and check that hash appears in the 3rd block, and so on until you got to the end of the blockchain. If all the hashes match, then the blockchain can’t have been tampered with at any point. Isn’t maths awesome.
There’s several different ways you can hash a set of data, but the Bitcoin protocol specifies which you should use and how it should work. If you’re interested, it uses a hash called SHA-256, which was designed by the NSA. Don’t worry, the maths behind it has also been verified by lots of people who aren’t government spies so it’s legit. We hope.
Robot Wars
Hashing is what lets us verify the blockchain has not been tampered with by anyone, but how are new blocks actually added? With lots of miners, how do they all come out with a single unified new block that they all agree to add?
The solution to that is the cleverest bit of Bitcoin, and the breakthrough which allowed cryptocurrencies to take off. The key problem to be solved here is the miners all have to reach consensus on the blockchain. Really, each miner would rather everyone else gave them all of the money. But we need incentives that mean they all put up with keeping an honest account of spending.
What makes this work is that the system deliberately makes blocks really hard to mine. To be able to add a new block, miners have to solve an incredibly difficult maths problem based on hashing. The solution to this problem is called the “proof of work”, and miners compete to solve this problem first and claim the reward.
Miners will each create what is called a candidate block. They’re called candidates because one of these blocks will become the next official block in the chain, we just don’t know which yet.
A block is a group of bitcoin transactions, which is to say a ledger of bitcoins changing hands. The job of the miners is to group together transactions people want added to the blockchain, and verify all of the transactions are valid. Verifying a transaction consists of things like checking someone isn’t trying to spend money they don’t have and things like that.
Each miner wants everyone else to decide that their new block is made the next official block in the chain. But only one of the potentially millions of candidate blocks may be declared the winner. So how does everyone agree which one?
This is where hashing comes in. The winner is chosen based on the hash of each block. Each block consists of a group of transactions, but also includes some other pieces of data. One of those pieces is the hash of the previous block in the chain. Another one of those pieces of data is called a “nonce”, and is essentially just a really long number.
In American English nonce doesn’t really mean anything outside of cryptography circles, whereas in British English it’s slang for a paedophile, which has caught at least one American finance company out:
Recall that hashing means that if you change any part of the contents of something, then its hash will also change. They are unique signatures.
The winner is determined to be the first block whose hash matches a specific criteria. So for example, the winner is the first block whose hash starts with “0000”.
Because of the way hashes work, there is no way to predict what change to the block would result in a hash fulfilling this criteria.
So in order to fulfil it, miners will keep putting different values in the “nonce” field, until they find one which leads to the hash of the block matching the criteria. This is called a “brute force” approach. The difficulty of the criteria is determined by the network, so everyone agrees democratically, and it’s set to take about 10 minutes to be able to successfully do it.
Alice in Blockchains
Now we know miners are all competing with each other to come out with the next block in the chain. But what happens if two miners complete a block at the same time?
Let’s say there’s two miners, called Alice and Bob². Alice is a piece of mining software running on a fleet of specialised mining hardware in a data centre in London. Bob is a piece of mining software running on an old laptop in Sydney, and has improbably found a valid nonce within 1 second of Alice through sheer luck.
Because the miners are so far apart, news of the new valid blocks spreads unevenly. Some other miners in the network hear about Alice’s block first, others hear about Bob’s block. Both blocks are valid, and so we now have a fork in the blockchain. That is to say, we now have two blockchains: the Alice blockchain and the Bob blockchain. Both chains are identical except for the latest block.
So what happens? Well, the rules of the network dictate that miners should always adopt the longest valid chain. So the miners with the Alice chain will be working on the next block, and the miners with the Bob chain will also be working on the next block. Let’s say in this example, that the Alice chain has 75% of the miners, and the Bob chain has 25% of the miners — all preparing candidates to be the next block. Given that the Alice chain has more of the computing power, statistically one of its miners will find a new block before anyone in the Bob chain does. And then this new longer chain will propagate around the network until everyone is using it, which is to say the Alice chain will win and the Bob chain will lose and Bob’s block will be discarded.
This scenario of two competing valid chains happens all the time, but it’s almost always resolved within a few of blocks, and everyone will eventually converge on a single chain.
The target period of 10 minutes was chosen by Sataoshi as a compromise. A faster time would mean transactions clear faster, but lead to far more frequent forks and wasted work. A slower time means fewer forks, and forks resolved faster, but at the expense of slower settlement times.
This is why vendors who accept bitcoins always list how many “confirmations” are required for them to accept the payment. Most places require 3 confirmations, and what that means is they require to see your transaction in a block and also 3 additional blocks after it. So if your transaction is in block 100, they need to see 103 or more blocks in the chain total.
Vendors do this so they avoid the situation of accepting money that may be in the Bob chain. New blocks are hard to add, and so the more blocks added after the block with your transaction in, the more exponentially unlikely it becomes for that chain to be discarded later on (remember, the longest chain is the winner).
After 3 blocks, it’s unlikely for a chain to be discarded in favour of another chain, and after 6 blocks it’s basically impossible. New blocks are added approximately every 10 minutes, which means the average confirmation time is 30 minutes before a vendor will accept your payment as legitimate.
We aren’t the 51%
You may find it odd that the Bitcoin network is designed to make the task of mining deliberately difficult, but the reason for this is precisely because a miner is really just a bit of software.
As time goes on people have built dedicated fleets of specialised computers to do this task. But in the democracy of the network, more computing power = more votes, not one person one vote. If you have 51% (or higher) of the total computing of the network, then you control the network and can change the rules. At which point it stops being decentralised, and you become a dictator. This is a real problem in a world where, say, the NSA has an awful lot of computing power at their disposal.
The solution is to incentivise everyone to throw as much computing power as possible at the mining process. Every 14 days the network resets the difficulty based on the network’s recent performance. So the more computing power is added to the network, the harder the problems get. That way even the likes of the NSA are too outgunned to be able to take over the network with their fleet of supercomputers. This is all best thought of as an artificial arms race (an event sadly missing from the Paralympics).
When the network was just starting up there wasn’t much computing power, and you could successfully be awarded bitcoins by running mining software on a crappy laptop. If you did that back in 2009, you’d be filthy rich by now. I did tell someone to do that at the time and they ignored me. They have a lot of regrets.
In 2014 a mining pool called Ghash.io became so popular that it controlled over 51% of the computing power of the Bitcoin network. In response, the pool voluntarily limited its output to no more than 40% in order to maintain trust in the network, and by 2015 the pool was down to less than 2%.
By 2016, the total computing power in the Bitcoin network was over 100 times more than Google has, and to have any chance of getting bitcoins at all you need a dedicated fleet of computers with custom hardware tailored to be as fast as possible at solving those maths problems.
Yes this is terrible for the environment. A considerable chunk of the world’s computing resources is being spent solving pointless maths problems. But that’s the price you pay for having a central ledger not even the NSA can mess with. Turns out even if you’re not stomped on by the government you’re still left with a huge carbon footprint.
Environmental impact aside, this solution is ingenious from a technical perspective. It provides a strong incentive for everyone to behave fairly, as you need 51% of the computing power of the network to cause any damage. And you can’t get 51% because of an endless arms race ensuring more and more computing power is thrown into the network. As a reward for throwing more computing power in, you get new bitcoins created. Cold hard digital bitcoins given away as a reward for verifying the entire ledger, including the addition of those new coins! It turns out hard work really does pay off.
That just about wraps up how Bitcoin functions as decentralised ledger, and is able to guarantee money changing hands. However, if you were really paying attention, you might be mildly annoyed that there’s one seemingly vital question I’ve utterly failed to answer: what the heck is a bitcoin?
Seriously, where’s the money?
So, it turns out, bitcoins don’t actually exist. Surprise!
Look, it’s fine. There’s actually a really good reason for why they don’t need to. The blockchain (ledger) is a record of all the money changing hands from one address to the other. The real question you should be asking is: what the heck is an address? The answer involves a super clever form of password that works in pairs. Whaaaat? Strap in.
I’m not going to lie, right now we are knee deep in cryptography and it’s sticky stuff. At no point will I be pulling your leg as I might dislocate your hip. The important concept here is this super duper password that’s actually a pair of numbers. It’s easiest to explain why there’s two using an analogy.
Let’s say you want someone to send you a letter, but you don’t want anyone to be able to intercept and read it. Shut up just pretend you do. One way to do this would be to send the person a padlock. They write the message, put it into a safety deposit box, use your padlock on that box, and then send you back the entire box. As only you have the key to the padlock, only you can read the message.
Turns out there’s a mathematical equivalent to that process, which comes in the form of two numbers that work as a pair and form a password.
So the password is actually a pair of numbers. One of the numbers is your private password which you keep to yourself, the other one is public and it doesn’t matter who else knows it. The public one is the padlock in our earlier analogy. You give out and people can use it to send you private messages. But as they’re a pair, and as this is maths, this process also works in reverse. You can use the private password to send a message everyone can read, but only you could have sent. This property is pretty darn cool, and what underpins the Bitcoin addressing system.
A bitcoin address is a hash of a public password. This is for convenience, the password itself is a massive number, and the hashed form is comparatively short and takes up less space.
A Bitcoin wallet is just software which keeps track of all your public and private passwords (and hence addresses), and lets you create transactions authorising money to be moved from your addresses to other addresses.
So “bank accounts” on the blockchain are just pairs of special passwords (your public passwords and your private password) represented by an address, which is a hash of your public password. Because the blockchain (ledger) is open, anyone can view the entire transactional history back to when the very first Bitcoin was mined. That means each Bitcoin address can be thought of as a glass safe, in the sense that everyone can see how much money is associated with that address. Spending involves authorising money to be moved between addresses. Obviously unlike a glass safe it’s not actually made of glass, or else this would have been a giant waste of time if you could just break in with a reasonable sized hammer.
The great thing about this system is that because addresses are just hashes of really long numbers, and those numbers don’t have be pre-registered, anyone can create as many addresses as they like. The algorithm for how you create addresses is publicly available, and all Bitcoin wallets have the capacity to create new addresses entirely offline. New addresses are only known to the blockchain the first time someone sends some bitcoins to them. There’s no real limit to the amount of addresses one person can have, and it’s not unusual for people to use different addresses for each and every transaction.
It’s like having thousands of offshore accounts except they’re so offshore they only exist as an abstract concept in the shadier part of the internet. I’m not looking forward to bankers finding out about this either.
I think we can explain what happens when you “spend” a bitcoin now. Hurray!
Spend spend spend
So let’s say you have 10 bitcoins (lucky you). These are on the blockchain and associated with an address you own. This means they are associated with your public password (a long number) and you know the corresponding private password (a different long number).
If you wanted to send 5 of your bitcoins to someone, in exchange for goods and/or services, you’d open your Bitcoin wallet and copy in the address of the person you want to send the money to.
When you hit send your Bitcoin wallet will create a transaction for you. That transaction is really just a message that says “I authorise 5 bitcoins to go to from x address to y address”. That message is encrypted with your private password, and your public password is also included separately. This means anyone can verify that only the owner of x address (you) could have authorised the transaction. Think of it as a digital signature, where your private password is used to sign the signature, and the address and public password are used by the miners to verify that signature.
To receive money from someone, your Bitcoin wallet creates a new public and private password, and then hashes the public password into an address. It tells you what this address is, and all someone needs in order to send you bitcoins is that address.
It’s all just numbers, which is how Bitcoin can be used anonymously despite the fact everyone can see the full transaction history. This is especially useful for anonymous philanthropy and gigantic drug deals.
Given addresses are tied to passwords in the form of numbers, you might be wondering why someone doesn’t just try and guess the private password for an address, since it’s just a number. The reason that’s not viable is the private password is a 256-bit number, which means there are 2²⁵⁶ possible combinations, which is:
115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936
A number so large that even if every supercomputer on Earth was working on it full time, it would still take them until the end of the universe.
Spending bitcoins works due to the mining system. When you send your transaction authorising bitcoins to be moved to a new address, the main job of the mining process is to validate that transaction. This is done by going back through the blockchain and checking that your address is associated with enough bitcoins to spend in the first place, and that you are authorised to spend it (which is done by verifying the digital signature formed by your private password). If the transaction is valid then it’s added to the blockchain and that amount is then associated with the receiver’s address instead of yours.
And that is why Bitcoin is amazing. It’s a secure, decentralised currency that not only isn’t backed by anything, but bitcoins themselves don’t even exist.
What a technical fiat!
