The rising price of bitcoin (the currency is currently worth over $250 billion in total) has received a lot of attention in recent weeks. But bitcoin's real significance lies not in its growing price but in the technological breakthrough that made the network possible in the first place. Bitcoin's still-unknown inventor, known as Satoshi Nakamoto, devised an entirely new way of building a decentralized network that reaches consensus on a shared ledger. That innovation made possible the fully decentralized electronic payment system that cypherpunks had dreamed of for decades.
How does Bitcoin work? How do digital signatures enable virtual payments? How does Nakamoto's invention solve the double-spending problem that defeated earlier attempts at digital currency? What is the future of Bitcoin? Let's take it in order.
Cryptocurrencies Made Possible With Asymmetric Encryption
Until the 1970s, all well-known encryption schemes were symmetric: the recipient of an encrypted message had to use the same secret key to decrypt the message that the sender had used to encrypt it. That changed with the advent of asymmetric encryption schemes, in which the key for decrypting a message (the private key) is different from the key needed to encrypt it (the public key), and there is no practical way to derive the private key from the public one.
Whitfield Diffie, an important figure in the development of cryptography in the 1970s.
This means you can safely reveal your public key, allowing anyone to use it to encrypt a message that only you, the owner of the private key, can decrypt. This breakthrough transformed cryptography: it became clear that any two people can communicate securely over an insecure channel without an eavesdropper being able to read their messages.
Asymmetric encryption had another innovative use: digital signatures. In conventional public-key encryption, the sender encrypts the message with the recipient's public key and the recipient decrypts it with their private key. But the roles can be reversed: the sender "encrypts" the message with their own private key, and the recipient "decrypts" it with the sender's public key.
This does not protect the privacy of the message, since anyone can obtain the public key. But it does provide cryptographic proof that the message was created by the owner of the private key, and anyone with the public key can verify that proof without knowing the private key.
People soon realized that these digital signatures could make cryptographically secure digital money possible. Using a classic example, let's assume that Alice has a coin and wants to give it to Bob.
She writes a message, "I, Alice, give my coin to Bob," and signs it with her private key. Now Bob, or anyone else, can check the signature using Alice's public key. Since only Alice could have produced that signature, Bob can use it to demonstrate that the coin now belongs to him.
If Bob wants to hand the coin over to Carol, he follows the same procedure, declaring that he is giving the coin to Carol and signing the message with his private key. Carol can then use the chain of signatures, Alice's signature giving the coin to Bob and Bob's signature giving the coin to Carol, as proof that she owns the coin.
Note that none of this requires an official third party to authorize or authenticate transactions. Alice, Bob and Carol can generate their public/private key pairs without anyone's help, and anyone who knows the public keys of Alice and Bob can independently verify that the signature chain is cryptographically valid. Digital signatures, combined with several innovations we'll discuss later, allow people to do banking without a bank.
How Bitcoin Transactions Work
The general scheme of digital money described in the previous section is very close to how real Bitcoin payments work. Here is a simplified diagram of what real bitcoin transactions look like:
A Bitcoin transaction contains a list of inputs and outputs. Each output is tied to a specific public key. A later transaction that wants to spend those coins needs an input carrying a matching digital signature. Bitcoin uses elliptic curve cryptography for its digital signatures.
For example, suppose you hold the private key that matches Public Key D in the diagram above, and someone wants to send you 2.5 bitcoins. That person creates a transaction like Transaction 3, with an output of 2.5 bitcoins going to you, the owner of Public Key D.
When you're ready to spend those bitcoins, you create a new transaction like Transaction 4. You list Transaction 3, output 1 as the source of funds (outputs are zero-indexed, so output 1 is the second output). You use your private key to generate Signature D, a signature that can be verified with Public Key D. Those 2.5 bitcoins are now split between two new outputs: 2 bitcoins to Public Key E and 0.5 bitcoins to Public Key F. From now on they can only be spent by the owners of the corresponding private keys.
A transaction can have multiple inputs, and it must spend all of the bitcoins in the outputs it references. If a transaction pays out fewer bitcoins than it takes in, the difference is treated as a transaction fee (commission) that goes to the miner who processes the transaction. More on this later.
In the bitcoin network, the addresses people use to send bitcoins to each other are derived from public keys like Public Key D. The exact format of a bitcoin address is complex and has changed over time, but an address can be thought of as a hash (a short, random-looking string of bits that serves as a cryptographic fingerprint) of the public key. Bitcoin addresses are encoded in the custom Base58Check format, which minimizes the risk of typos. A typical bitcoin address looks like this: 18ZqxfuymzK98G7nj6C6YSx3NJ1MaWj6oN.
This transaction takes 6.07 bitcoins from one input address and divides them between two output addresses. One output address receives a little more than 5 bitcoins, the other a little less than 1 bitcoin. Most likely, one of these output addresses belongs to the sender, who is paying the "change" back to themselves, and the other belongs to a third party.
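The Base58Check encoding mentioned above, as an added example that is not part of the original article: a legacy (version-byte 0) address is the version byte plus a 20-byte public-key hash, followed by the first four bytes of SHA-256(SHA-256(payload)) as a checksum, so a mistyped character is rejected instead of sending coins into the void. The 20-byte hash and the typo helper are constructed for this example; a real address would hash an actual public key.

```python
import hashlib

# Base58 drops 0, O, I and l, the characters most easily confused with each other.
ALPHABET = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Constructed stand-in for a public-key hash (real addresses use RIPEMD-160(SHA-256(pubkey))).
SAMPLE_PUBKEY_HASH = bytes.fromhex("00112233445566778899aabbccddeeff00112233")
VERSION_P2PKH = 0x00   # legacy "1..." addresses carry version byte 0


def b58encode(raw: bytes) -> str:
    """Read the bytes as a big-endian integer and write it in base 58; each leading zero byte becomes a '1'."""
    n = int.from_bytes(raw, "big")
    digits = bytearray()
    while n > 0:
        n, rem = divmod(n, 58)
        digits.append(ALPHABET[rem])
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return (ALPHABET[:1] * pad + bytes(reversed(digits))).decode()


def b58decode(text: str) -> bytes:
    """Inverse of b58encode; rejects characters outside the alphabet."""
    n = 0
    for ch in text:
        idx = ALPHABET.find(ch.encode())
        if idx < 0:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + idx
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    pad = len(text) - len(text.lstrip("1"))
    return b"\x00" * pad + body


def checksum(payload: bytes) -> bytes:
    """Base58Check appends the first 4 bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def encode_address(version: int, pubkey_hash: bytes) -> str:
    payload = bytes([version]) + pubkey_hash
    return b58encode(payload + checksum(payload))


def decode_address(address: str) -> tuple[int, bytes]:
    """Return (version, pubkey_hash); raise ValueError if the length or checksum is wrong."""
    raw = b58decode(address)
    if len(raw) != 25:
        raise ValueError("wrong length for a legacy address")
    payload, check = raw[:21], raw[21:]
    if checksum(payload) != check:
        raise ValueError("checksum mismatch: the address was mistyped or corrupted")
    return payload[0], payload[1:]


def is_valid_address(address: str) -> bool:
    try:
        decode_address(address)
    except ValueError:
        return False
    return True


def with_typo(address: str, pos: int) -> str:
    """Simulate a typo: replace one character with the next one in the alphabet."""
    alphabet = ALPHABET.decode()
    wrong = alphabet[(alphabet.index(address[pos]) + 1) % len(alphabet)]
    return address[:pos] + wrong + address[pos + 1:]


if __name__ == "__main__":
    addr = encode_address(VERSION_P2PKH, SAMPLE_PUBKEY_HASH)
    print("address:", addr, "valid:", is_valid_address(addr))
    bad = with_typo(addr, 10)
    print("typo:   ", bad, "valid:", is_valid_address(bad))
```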
Of course, real bitcoin transactions can be much more complex than the simple examples above. Perhaps the most important feature not illustrated here is that instead of a plain public key, an output can carry a verification script written in a simple Bitcoin-specific scripting language. To spend that output, the later transaction must supply inputs that make the script evaluate to true.
This lets the bitcoin network enforce arbitrarily complex conditions on how money can be spent. For example, a script might require signatures from three different people and also forbid spending the money until a certain time in the future. Unlike Ethereum's, the Bitcoin scripting language does not support loops, so scripts are guaranteed to finish in a short, bounded time.
How Bitcoin Prevents Double Spending
Many people in the 1980s and 1990s dreamed of using digital signatures to create a completely decentralized electronic money system. But the fully decentralized digital currency system had two big problems that needed to be addressed.
One problem is how to introduce new coins into the system. A viable payment network obviously needs to create new coins, but if anyone can create new coins at any time, the currency quickly becomes worthless.
The second problem is double spending. Bitcoin's rules state that each transaction output can be spent only once. If someone tries to spend the same output twice, the network must somehow detect the attempt and reject the later transaction.
The obvious solution would be to create a company that will manage the overall record of all transactions. This is how traditional payment networks like MasterCard and PayPal work. But Bitcoin's inventor Satoshi Nakamoto wanted to build a network that would not be managed by any single organization.
So Nakamoto invented a shared ledger, the blockchain, that is maintained by computers called nodes running on a peer-to-peer network. Thousands of computers around the world keep separate copies of the entire blockchain, which records every transaction since the network launched in 2009. The network rewards the nodes that help build the blockchain by letting them create new bitcoins, which solves the coin-distribution problem and at the same time provides an incentive to do the work of updating the ledger.
It works like this: when a user wants to make a Bitcoin payment, they use software to create a new transaction. From the user's point of view, this just means entering the amount and the recipient's bitcoin address and hitting send.
The client software assembles the transaction and sends it to a nearby node on the bitcoin network. Each node that hears about the transaction relays it to others until it has spread across the whole network.
Some of the nodes are miners, the participants who actually update the blockchain. A miner collects all the transactions it has heard about that are not yet in the blockchain. It then checks that each transaction follows Bitcoin's rules (the signatures are valid, the outputs do not exceed the inputs, and so on) and discards those that do not. The result is a list of verified transactions: a candidate block. The miner also adds a special transaction paying itself a fixed reward, currently 12.5 bitcoins, for creating the block.
At the moment 12.5 bitcoins is worth more than $200,000, so plenty of people want to add the next block to the blockchain. To win the right to do so, miners compete by performing repetitive calculations. They add a random value (a nonce) to the candidate block they have built and then apply the SHA-256 hash function, which produces a short, seemingly random sequence of ones and zeros that serves as a cryptographic fingerprint of the block.
The goal is a block whose hash is very small, meaning its binary value starts with a large number of zeros. Currently, for example, a winning block needs a SHA-256 hash that begins with at least 72 zero bits.
Since SHA-256 hash values are effectively random, the only way to find a suitable one is repeated guessing. Most of the time the hash value is too large, so the miner changes the nonce and computes a new hash. The network currently performs about 7 × 10^21 SHA-256 hashes on average for each block it creates.
Whoever finds a valid block first announces it to the rest of the network. Everyone else confirms that the hash is low enough and that the block's transactions are valid. If so, they add the block to their copy of the blockchain, and the race starts over.
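The hashing race just described, as an added example that is not part of the original article: a simplified block header (previous hash, a hash committing to the transactions, and a 32-bit nonce) is double-SHA-256 hashed until the result falls below a target set by a required number of leading zero bits, and verification is a single hash. The previous hash and transaction strings are constructed; a real header also carries a version, timestamp and the encoded target. The 72-zero-bit requirement quoted above works out to about 2^72 expected tries, close to the 7 × 10^21 figure given.

```python
import hashlib
import struct

# Constructed inputs: a previous block hash and a few transaction records.
PREV_HASH = hashlib.sha256(b"previous block").digest()
TRANSACTIONS = ["Alice -> Bob: 2.5 BTC", "Bob -> Carol: 1.0 BTC", "coinbase -> miner: 12.5 BTC"]


def double_sha256(data: bytes) -> bytes:
    """Bitcoin's block hash is SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_from_zero_bits(zero_bits: int) -> int:
    """A hash is 'small enough' when, read as a 256-bit integer, it is below this target,
    which is the same as saying its first zero_bits bits are all zero."""
    return 1 << (256 - zero_bits)


def hash_transactions(txs: list[str]) -> bytes:
    """Simplified stand-in for the Merkle root: one hash committing to the ordered transaction list."""
    return double_sha256("\n".join(txs).encode())


def serialize_header(prev_hash: bytes, tx_root: bytes, nonce: int) -> bytes:
    """Simplified header: previous hash, transaction commitment and a 32-bit little-endian nonce."""
    return prev_hash + tx_root + struct.pack("<I", nonce)


def mine(prev_hash: bytes, txs: list[str], zero_bits: int, max_tries: int = 1 << 32) -> tuple[int, bytes]:
    """Try nonces in order until the header hash falls below the target; return (nonce, hash)."""
    target = target_from_zero_bits(zero_bits)
    tx_root = hash_transactions(txs)
    for nonce in range(max_tries):
        digest = double_sha256(serialize_header(prev_hash, tx_root, nonce))
        if int.from_bytes(digest, "big") < target:
            return nonce, digest
    raise RuntimeError("nonce space exhausted; a real miner would change the block contents and retry")


def verify_block(prev_hash: bytes, txs: list[str], nonce: int, zero_bits: int) -> bool:
    """What every other node does on hearing a block: one hash computation, no guessing."""
    digest = double_sha256(serialize_header(prev_hash, hash_transactions(txs), nonce))
    return int.from_bytes(digest, "big") < target_from_zero_bits(zero_bits)


def expected_tries(zero_bits: int) -> int:
    """Each additional required zero bit doubles the expected number of hashes."""
    return 1 << zero_bits


if __name__ == "__main__":
    bits = 16   # small enough to finish in well under a second on a laptop
    nonce, digest = mine(PREV_HASH, TRANSACTIONS, bits)
    print(f"nonce {nonce} found (about {expected_tries(bits)} tries expected): {digest.hex()}")
    print("accepted by a verifying node:", verify_block(PREV_HASH, TRANSACTIONS, nonce, bits))
    print(f"expected tries at 72 zero bits: {expected_tries(72):.1e}")
```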
How does the bitcoin network reach consensus?
The most important innovation in Bitcoin is a fully decentralized consensus process for resolving disagreements about which block gets added to the blockchain. The diagram above illustrates how it works.
Suppose two nodes on the network discover a new block at about the same time (that is, both find blocks whose hash values are below the target). These are the red and green blocks in step 2 above. Only one of them can become part of the blockchain, because they contain many of the same transactions.
To decide which block to accept, the network moves on to the next round of the race: miners start looking for the following block. Whoever finds it will have built it on one of the two competing blocks from the previous round. When this happens, the new block (purple) and its predecessor (green) become part of the official blockchain, and the rival block (red) is discarded.
In principle this kind of tie can happen more than once. Someone else could have found another block at the same time as the purple one, building on the red block instead. In that case the race would continue into a third round, and the winner of that round would decide which of the two rival chains becomes the official blockchain.
But such confusion cannot persist for long, because nodes build on the block with the most predecessors (the longest chain), and in a tie on the block they heard about first. So as soon as someone finds a block like the purple one in step 3, which makes its chain longer than the competing chains, everyone else accepts the new block along with its predecessors, and everyone starts working on the block that follows purple.
Miners have an incentive to follow this longest-chain rule: they only receive the 12.5-bitcoin reward if their block becomes part of the consensus blockchain. Since most other nodes follow the rule, a block is likely to be accepted if it extends the tip of the longest chain, while a block built on a block that lost the race, like the red block in the diagram above, is likely to be ignored.
If a miner stubbornly insists on building on another block (say, the red one), any block he finds will merely tie with the purple block. Because miners build on the block they heard about first, the new block will be ignored.
Now suppose someone wants to undermine the integrity of the network by spending the same coin twice. The attacker makes a payment, waits for the recipient to accept it (and hand over goods or a service in return), and then tries to remove the payment from the blockchain so as to send the same coins to someone else. Here is how that looks:
In this diagram, the legitimate transaction the attacker wants to replace is in the yellow block. In step 2, the attacker generates a new block, the gray one with horns, containing the double-spend transaction. The attack succeeds if the attacker can get the network to drop the yellow block in favor of the gray one.
To do that, the attacker has to extend their branch of the blockchain faster than the rest of the network extends the legitimate branch. The attacker gets lucky at first and adds the orange block in step 3. This makes the malicious chain as long as the legitimate one, but remember that the honest nodes keep building on the green block because they heard about it first.
The question is who finds the next block. In scenario 4a, the attacker finds another block and the attack succeeds: honest nodes following the longest-chain rule switch to the gray and orange blocks, discarding the yellow and green blocks they had previously accepted.
In scenario 4b, the honest nodes extend their lead. The attacker's chain is shown in gray; he has not lost yet and can keep adding blocks as long as he likes, but he is effectively beaten once the honest nodes' lead is so large that he has no realistic chance of overtaking it.
Computing power protects the blockchain
Mining is a probabilistic process, so whether an attack succeeds depends partly on luck. It also depends on whether the attacker has more processing power than the rest of the network combined. If so (a scenario known as a "51 percent attack"), the attack will eventually succeed. If the attacker controls less than 50% of the network's total processing power, the attack is unlikely to succeed, especially if the honest nodes have a decent head start.
This brings us to bitcoin's colossal energy consumption. Bitcoin miners have collectively amassed enough power to compute over 12 × 10^18 SHA-256 hashes per second. An attacker would need comparable computing power, which would cost hundreds of millions, if not billions, of dollars.
Miners have accumulated so much computing power because mining is a profitable business. Again, miners receive 12.5 bitcoins, over $200,000, per block.
As the price of bitcoin rises, the industry's profits rise, and mining companies spend more on hardware and electricity. In the short term, this leads to faster block creation.
But the bitcoin network is programmed to adjust the mining difficulty automatically to maintain a steady rate of six blocks per hour. If the network is creating blocks too quickly, the target (the maximum acceptable hash value) is lowered, making blocks harder to find. If block creation slows down, the opposite happens. As a result, the network produces one block every 10 minutes on average, regardless of how much processing power it has.
The 12.5-bitcoin reward is programmed to decline over time. When Bitcoin launched in 2009, each block created 50 bitcoins. In 2012 the reward dropped to 25 bitcoins, and in 2016 to 12.5. It will keep halving roughly every four years: 6.25 in 2020, 3.125 in 2024, and so on.
In a few decades the reward will shrink to negligible levels, and mining will be supported by transaction fees alone. Any transaction can include a fee (commission), a reward that goes to the miner who includes the transaction in a block. When too many transactions are waiting to be included, miners usually take the ones with the highest fees first, which keeps fees high.
Early bitcoin proponents loved to tout the fact that bitcoin transactions were free or nearly free. But as the network became congested, transaction costs soared. By early December the average bitcoin transfer fee had climbed to $20, as too many transactions piled up for too-small blocks.
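The difficulty adjustment described above (one block every 10 minutes regardless of hash power), as an added example that is not part of the original article: the target is rescaled by the ratio of actual to expected time over an adjustment window of 2016 blocks, clamped to a factor of four per window, and a small simulation shows a hash-rate jump being corrected over the following windows. The 1 TH/s base hash rate and the power-of-two ceiling standing in for the real maximum target are constructed assumptions.

```python
EPOCH_BLOCKS = 2016                    # blocks between difficulty adjustments
BLOCK_SECONDS = 600                    # the 10-minute goal
EXPECTED_EPOCH_SECONDS = EPOCH_BLOCKS * BLOCK_SECONDS
MAX_TARGET = 1 << 224                  # assumption: a round-number ceiling standing in for the real maximum target


def retarget(old_target: int, actual_epoch_seconds: int) -> int:
    """Scale the target by actual/expected time for the last window, clamped to a factor of four.
    Blocks came too fast -> smaller target (harder); too slow -> larger target (easier)."""
    clamped = max(EXPECTED_EPOCH_SECONDS // 4, min(actual_epoch_seconds, EXPECTED_EPOCH_SECONDS * 4))
    return min(MAX_TARGET, old_target * clamped // EXPECTED_EPOCH_SECONDS)


def seconds_per_block(target: int, hashrate: int) -> float:
    """Expected block interval: one random hash lands below target with probability target / 2^256."""
    return 2 ** 256 / (target * hashrate)


def tuned_target(hashrate: int) -> int:
    """The target at which the given hash rate (hashes per second) yields one block per 10 minutes."""
    return 2 ** 256 // (hashrate * BLOCK_SECONDS)


def simulate_epochs(hashrates: list[int], start_target: int) -> list[float]:
    """Run one window per hash-rate value, adjusting the target after each window;
    return the block interval observed during each window."""
    target, intervals = start_target, []
    for hashrate in hashrates:
        interval = seconds_per_block(target, hashrate)
        intervals.append(interval)
        target = retarget(target, round(interval * EPOCH_BLOCKS))
    return intervals


if __name__ == "__main__":
    base = 10 ** 12   # constructed: 1 TH/s
    # hash rate doubles and holds, then jumps 8x: the second jump takes two windows to absorb
    # because a single adjustment can only move the target by a factor of four
    schedule = [base, 2 * base, 2 * base, 16 * base, 16 * base, 16 * base]
    for epoch, seconds in enumerate(simulate_epochs(schedule, tuned_target(base)), 1):
        print(f"window {epoch}: {seconds:7.1f} s per block")
```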
The scaling controversy is tearing the community apart
The network became congested because a hard-coded value in the bitcoin software limits the block size to 1 megabyte. The limit, introduced in 2010 to prevent abuse of the then-young network, has become one of the most controversial decisions in the bitcoin world.
Regular bitcoin transactions are on average about 500 bytes in size, so blocks start to fill up when about 2,000 transactions accumulate. If the network creates a new block every 10 minutes, about 3.33 transactions are carried out per second. Obviously, the global payments network needs to process payments much faster.
The bitcoin world has split into two warring camps with different solutions to this problem. One side claims that the solution is simple: increase the block size. They proposed to immediately increase the block size to 2, 4 or 8 megabytes, with further increase as needed in the future.
The other camp fears that a higher block limit will make it too expensive for ordinary users to run a full node on the peer-to-peer network. A full Bitcoin node must download every bitcoin transaction ever made and store it indefinitely, so raising the block size limit raises the node's storage requirements. If running a full node becomes too expensive, small operators will shut theirs down and the network will end up in the hands of a small number of companies and other large organizations.
Big-block supporters argue that this is nonsense. At the moment the blockchain weighs 145 gigabytes and grows by about 4 gigabytes per month; doubling the block size would mean the network produces up to 8 gigabytes of data per month. Given that Amazon Web Services currently charges about 2 cents per gigabyte per month for storage, they say, a reasonable increase in block size would not be a burden on anyone.
Small-block supporters counter that this reasoning is shortsighted. They point out that doubling the block size alone will not meet long-term demand: if bitcoin relies on large blocks to scale, it will soon need 10 MB blocks, then 100 MB blocks, and perhaps 1 GB blocks, and at some point ordinary people will no longer be able to run full nodes. So the network must be scaled in a way that keeps blocks small.
The first step they pushed for is Segregated Witness (SegWit), which the network adopted in September. This update moves cryptographic signatures ("witness data") out of the transactions into a portion of the block that does not count toward the 1-megabyte limit. Once a node has confirmed that the signatures are valid it can discard them, reducing the amount of data that must be stored permanently. When fully adopted, SegWit should roughly double the network's capacity without increasing the burden on Bitcoin nodes.
Over time, supporters of small blocks hope to see Lightning, a payment network that should function on top of Bitcoin, work. The raw Lightning specs were released in early December, and now three companies are creating independent implementations of that spec.
A full explanation of the Lightning Network (LN) will not fit in this article (it deserves a piece of its own in the future). In short: it uses payment channels, which allow many small transactions between two parties without a separate transaction on the blockchain for each one. The goal of the Lightning Network is to stitch a patchwork of payment channels into a global network over which payments can be routed.
If the network works the way its proponents claim, it will solve Bitcoin's long-term scaling problem. But big-block supporters doubt that it will change anything, and argue that the block size will still have to be increased to meet growing demand.
Two futures for bitcoin
The debate over block size has become so fierce that it's easy to lose sight of the big picture. But ultimately, two very different visions of the future of bitcoin are at stake.
In the large-block vision, blocks eventually grow to gigabytes in size, and smaller players drop out because they cannot maintain full nodes. The network would be operated by several dozen mining companies, exchanges and other large bitcoin enterprises (rather than the roughly 10,000 full nodes of today). From a casual user's point of view, such a network would look much like today's, with people able to make an unlimited number of transactions at low cost. But greater concentration could give a handful of full-node companies disproportionate power, and ultimately make the network more susceptible to government regulation.
By contrast, small-block proponents envision a layered architecture in which on-chain transactions are expensive and few. The blockchain becomes a "settlement layer" for the Lightning Network, and a payment channel that handles many Lightning payments appears as a single transaction on the blockchain. With a small block size (though even small-block supporters admit it will have to grow somewhat), the main Bitcoin network stays decentralized, with thousands of nodes run by individuals.
The block-size controversy has become so fierce because each camp sees Bitcoin's development differently. Big-block advocates believe small-blockers are needlessly sabotaging the network's growth in pursuit of an ideological agenda. Small-blockers argue that large blocks undermine the decentralization that attracted many people to cryptocurrencies in the first place.
The rise of bitcoin forks
These controversies matter so much because Bitcoin is a consensus-based network. The system works because every node follows the same rules for deciding which blocks are valid and which are not.
If different nodes disagree about the rules, the result is a fork: a split of the blockchain. A node creates a block, say one larger than 1 megabyte, that other nodes consider invalid, and the network divides in two. Nodes that consider the new block valid treat it as the new longest chain and build on it; nodes that consider it invalid ignore it and keep building on its predecessor. From then on two incompatible chains run in parallel.
To avoid this, everyone on the network, or nearly everyone, has to agree on new rules well before they take effect. This need for broad consensus is one reason the bitcoin community has debated block size changes for so long. Since 2015 most people have agreed that changes are needed, but nobody has found a set of changes that everyone can accept.
In August 2017, a dissident faction of big-blockers decided to take matters into their own hands and deliberately split the blockchain without waiting for consensus. The result was a new cryptocurrency, Bitcoin Cash.
There are many bitcoin-like cryptocurrencies, of course, but this one is special: because it forked the existing blockchain, anyone who held regular bitcoins before the fork also held Bcash after it. The combined value of the two cryptocurrencies exceeded bitcoin's pre-fork value, essentially creating billions of dollars of new wealth.
In November, a proposal to double the block size on the main Bitcoin network to 2 megabytes followed, but was rejected. In response, some large blockers have moved their crypto value to Bitcoin Cash.
Why Bitcoin could change the world
Bitcoin's fundamental innovation is that it was the first completely decentralized electronic payment system. This is often framed politically, positioning the bitcoin network as a rival to the Federal Reserve and the big banks.
But the decentralization of bitcoin had another consequence, which may be more subtle, but no less important: bitcoin transfers are irreversible. If you buy something with a regular credit card and the seller doesn't deliver the product, you can ask the credit card network to cancel the transaction. But that won't work with bitcoins. There's just no one to call.
People compare Bitcoin to the Internet. The Internet abandoned the reliability guarantees of traditional networks: if a route is congested, routers simply drop the packets they cannot deliver, and it is up to the sender to notice that a packet was lost and send another copy.
This approach drove the old telecoms crazy, but it turned out to be an important innovation. It allowed Internet routers to be simpler and made it easier to connect different kinds of networks. In the end it worked because the computers at the edges are good at ensuring messages get delivered.
Bitcoin is making a similar shift: the network itself gives end users no robust fraud protection. Instead, that responsibility shifts to the developers of bitcoin applications, who must work out how to protect their users from fraud.
This is part of what makes Bitcoin a risky asset. In 2011, someone claimed that 25,000 of his bitcoins, then worth about $500,000 but today worth more than $400 million, had been stolen by a hacker. That story has repeated itself over and over.
But for all its drawbacks, the irreversibility of bitcoin has important potential: it makes bitcoin (like the Internet) a unique open and programmable financial platform. Software that interacts with a conventional payment network such as Visa or MasterCard must take into account their complex security models and the risk that the payment might later be canceled by the network.
Creating a new kind of financial services on a traditional platform requires approval from the owner of the traditional network, and such companies are not inclined to take risks - because a poorly designed application can become a tool of fraud. It is difficult for startups to create new financial services using conventional payment networks.
In contrast, the validity of bitcoin transactions can be fully verified in software. There is no need to worry that they will be canceled later, no confirmations and approvals from above are required either.
A few years ago, people expected a wave of financial applications built on top of Bitcoin, much as Google and Facebook are built on TCP/IP. Such applications could offer higher-level services: biometric authentication, escrow for pending orders, customer liability guarantees protecting users from fraud, and anti-fraud measures like those of conventional financial networks.
That has not happened yet. Nine years after its inception, bitcoin use is still limited to a small community of bitcoin and cryptocurrency enthusiasts.
Perhaps we just need to be patient. It took about 25 years for the Internet to go from an experimental network to a technology useful to ordinary people. A lot is happening in the bitcoin ecosystem right now, and some of these innovations could have unexpected consequences in the coming years.
Bitcoin has become the reserve currency of the cryptocurrency world
One thing bitcoin has done is inspire and support a Cambrian explosion of new blockchain-based technologies. There are now hundreds of bitcoin-inspired cryptocurrencies, and people want to use these exotic currencies for the benefits they promise. Bitcoin plays the same role in the blockchain economy that the dollar plays in international trade. When two small countries trade with each other, they often settle in dollars because the global financial system makes that convenient; this in turn props up the value of the dollar and makes it easier for Americans to trade with the rest of the world. In the same way, Bitcoin has become the convenient medium of exchange between cryptocurrencies and conventional currencies. And this may be only the beginning.
Ilya Khel