1. What is Bitcoin?

The Bitcoin white paper opens with this sentence: "A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution."

In other words, a truly peer-to-peer, decentralized currency lets one party pay another online directly, with no central financial institution in between.

Bitcoin is a cryptocurrency implemented from a paper (the Bitcoin white paper) published by an unidentified person writing under the name Satoshi Nakamoto.

Bitcoin is easier to understand not as a currency but as a payment and settlement system built on a peer-to-peer network.

2. Why was Bitcoin invented?

2.1 Centralization: the trust-based model

I bought two bottles of craft beer on the Hop App platform from a third-party supplier. The supplier added me on WeChat and told me that one of the beers was out of stock, and that I could pay a little extra to exchange it for another. Although this person's WeChat Moments were all beer-related content, and he clearly knew which of the beers I had bought was out of stock, I still did not trust him; I trusted the platform more. So I exchanged the bottle through the platform instead.

But can the platform really be trusted? Suppose I place an order at the exact moment the platform's server goes down: the money is deducted successfully, but the goods never arrive. Because of a fault in the platform's system the order can no longer be found, I cannot prove that I paid, and the supplier cannot deliver to me. Nobody can say what happened to the deal, and the trust is gone.

Bitcoin sets out to solve the problem of trust

As the white paper puts it: "What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party."

That is, what we really need is a digital payment system based on cryptography rather than trust, so that the two parties can pay each other directly without a trusted third party in between. Instead of relying on a platform to remember that I paid, the proof that I paid is carried by the system itself and can be checked by anyone.

2.2 Double-spending attacks

Double spending means spending the same money twice or more.

Suppose a central bank issues a digital currency. In software that currency is essentially a file, and a file can be copied. If A transfers 100 yuan to B and then copies the same 100 yuan and sends it to C, that is "double spending". Verifying the digital signature on the currency is not enough to stop a double-spending attack: a signature proves who authorized a payment, but it does not tell the recipient whether the same coin has already been spent elsewhere. Additional means are needed, in particular some way for everyone to agree on the order in which payments happened.

Bitcoin sets out to solve the double-spending problem

From the white paper: "We propose a solution to the double-spending problem using a peer-to-peer network."

That is, the paper proposes a new solution to the double-spending problem based on a decentralized peer-to-peer network rather than a central ledger.

In section 4 (How is Bitcoin traded?) we explain in detail how Bitcoin solves the double-spending problem.

3. Cryptography in Bitcoin

3.1 Hash algorithms

So what does a hash algorithm do? Let's start with a short story.

Was Yongzheng a usurper?

There has long been a legend that Yongzheng was not the successor Kangxi had chosen, and that someone secretly altered the succession edict so that Yongzheng could usurp the throne.

Suppose Kangxi had known about hash functions

Without a hash function, once Kangxi had died there was no evidence to check the edict against: whatever was written in the published edict, the ministers would carry out.

With a hash function things are different. While still alive, Kangxi could write his will, compute its hash with the hash function, and hand the hash string to his ministers. Seeing only the hash, the ministers could not guess the contents of the edict. On the day the edict was published they would hash it again and compare the result with the hash the emperor had given them, to judge whether the edict had been tampered with: if the edict had been changed, the hashes would not match. (One caveat: the ministers could not guess the contents only because the edict was hard to enumerate. If there were only a handful of plausible heirs, they could hash each candidate edict and compare. Hiding the input needs either a high-entropy input or a random value added to it before hashing.)

From this short story we can summarize two properties of a hash:

  1. Tamper-evident: even a slight change to the input produces a completely different output
  2. Not invertible: knowing the output, you cannot work backwards to recover the input
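
The Kangxi story as runnable code, as an added example that is not part of the original page: the emperor commits to the edict by publishing its SHA256 hash, the ministers later verify the published edict against that commitment, and a one-word forgery is caught. The edict texts, the candidate list and the fixed salt are constructed for the example; the salt is an addition to the story that illustrates the hiding caveat above.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    """Hex digest of SHA256 over the given bytes."""
    return hashlib.sha256(data).hexdigest()


def commit(message: bytes, salt: bytes = b"") -> str:
    """The hash string Kangxi hands to the ministers.

    The optional salt is an addition to the story: a random value sealed
    together with the edict. Without it, an edict with only a handful of
    plausible contents can be recovered by hashing every candidate.
    """
    return sha256_hex(salt + message)


def verify(message: bytes, commitment: str, salt: bytes = b"") -> bool:
    """Recompute the hash of the revealed edict and compare it with the commitment."""
    return commit(message, salt) == commitment


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Number of bit positions in which two 256-bit digests differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def guess_unsalted(commitment: str, candidates) -> bytes:
    """What the ministers can do against an unsalted commitment to a short edict:
    hash every plausible edict and see which one matches. Returns b"" if none does."""
    for candidate in candidates:
        if sha256_hex(candidate) == commitment:
            return candidate
    return b""


# Constructed example data (the legend, not a historical document).
EDICT = b"Pass the throne to the fourteenth prince"
FORGED = b"Pass the throne to the fourth prince"
SALT = bytes(range(16))  # fixed value so the example is reproducible
CANDIDATES = [b"Pass the throne to the %s prince" % n
              for n in (b"first", b"fourth", b"fourteenth", b"eighth")]


def demo() -> dict:
    """Walk through the story and return the results the text describes."""
    unsalted = commit(EDICT)
    salted = commit(EDICT, SALT)
    return {
        "genuine_verifies": verify(EDICT, salted, SALT),          # True
        "forgery_detected": not verify(FORGED, salted, SALT),     # True
        # Tamper evidence: a one-word change flips roughly half of the 256 bits.
        "bits_changed": differing_bits(sha256_hex(EDICT), sha256_hex(FORGED)),
        # Hiding caveat: the unsalted hash gives a short edict away to a guesser...
        "unsalted_guessed": guess_unsalted(unsalted, CANDIDATES) == EDICT,  # True
        # ...while the salted commitment matches none of the candidates.
        "salted_guessed": guess_unsalted(salted, CANDIDATES) == EDICT,      # False
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `bits_changed` figure is what "tamper-evident" means in practice: roughly half the output bits change for any change to the input, so there is no way to tell from the hashes how small the edit was.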

3.2 The hash algorithm used by Bitcoin

SHA256 is a cryptographic hash function:


Any input ==> SHA256 ==> 256-bit hash

Bitcoin relies on three properties of SHA256:

  • Irreversibility (preimage resistance)
  • Collision resistance
  • Puzzle friendliness

3.2.1 Irreversibility

SHA256 has these characteristics:

  1. The input can be of any length
  2. The output is always exactly 256 bits

For example:


All the books in the world ==> SHA256 ==> 256-bit hash

If this process were reversible we would have discovered an unbeatable compression algorithm: compress every book in the world into 256 bits and store that. So the function clearly loses information. Irreversibility in the cryptographic sense (preimage resistance) says more: given a 256-bit output, there is no way to find any input that hashes to it other than guessing inputs one by one.

3.2.2 Collision resistance

By the pigeonhole principle, since the input space is infinite and the output space is finite, collisions must exist in theory.

But as far as anyone knows, there is no practical, efficient way to construct a collision for SHA256.

Collisions can only be found by brute-force search of the input space. By the birthday bound, that takes on the order of 2^128 hash computations for a 256-bit output, which is far beyond reach. (Older hashes such as MD5 and SHA-1 do have practical collision attacks, which is why they are no longer acceptable where collision resistance matters.)
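
To make the "only by brute force" point concrete, here is an added example (not from the original page) that runs a birthday search against SHA256 truncated to a small number of bits, where collisions are cheap, and compares the number of attempts with the birthday bound sqrt(pi/2 * 2^bits). The same bound applied to the full 256-bit output gives about 2^128 hashes. The input sequence `msg-0`, `msg-1`, ... is constructed so the result is reproducible.

```python
import hashlib
import math


def truncated_sha256(data: bytes, bits: int) -> int:
    """The first `bits` bits of SHA256(data), as an integer.

    Truncating the output shrinks the output space so that collisions become
    findable in seconds; the function itself is unchanged.
    """
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int, prefix: bytes = b"msg-"):
    """Birthday search: hash a fixed sequence of distinct inputs, remembering
    each truncated value, until two inputs share one.

    Returns (input_a, input_b, value, attempts).
    """
    seen = {}
    i = 0
    while True:
        msg = prefix + str(i).encode()
        value = truncated_sha256(msg, bits)
        if value in seen:
            return seen[value], msg, value, i + 1
        seen[value] = msg
        i += 1


def is_collision(a: bytes, b: bytes, bits: int) -> bool:
    """Two different inputs with the same truncated hash."""
    return a != b and truncated_sha256(a, bits) == truncated_sha256(b, bits)


def expected_attempts(bits: int) -> float:
    """Birthday bound: roughly sqrt(pi/2 * 2**bits) hashes before the first collision."""
    return math.sqrt(math.pi / 2 * 2.0 ** bits)


def demo(sizes=(16, 24, 32)) -> dict:
    """Find a collision for each truncated size and compare with the bound."""
    out = {}
    for bits in sizes:
        a, b, value, attempts = find_collision(bits)
        out[bits] = {"inputs": (a, b), "value": hex(value),
                     "attempts": attempts, "expected": round(expected_attempts(bits))}
    # The same bound for the untruncated 256-bit output: about 1.25 * 2**128.
    out[256] = {"expected": expected_attempts(256)}
    return out


if __name__ == "__main__":
    for bits, info in demo().items():
        print(bits, info)
```

Each halving of the output length halves the exponent of the work, which is why truncating SHA256 to 128 bits (as some systems do to save space) still leaves 2^64 work for a collision, while 32 bits is cracked on a laptop in under a second.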

3.2.3 Puzzle friendliness

Puzzle friendliness means the following. You are given a target in advance, for example a hash that begins 00000000FeACb46D... (the first eight hex digits, that is the first 32 bits, are zero), and the puzzle is to find an input whose hash meets that target.

Since there is no way to guess the input for a given SHA256 output directly, or by finding a pattern, the only way is to search the input space by brute force. (There is no shortcut at all.)

For example, suppose you find an input A whose output has seven leading zeros. You might feel that a small adjustment to the input would get you the eighth zero. In fact the adjusted input may well produce an output with no leading zeros at all. Every attempt is memoryless: earlier attempts tell you nothing about later ones, so the only approach is to keep trying large numbers of inputs until one works.

On the other hand, once you have found an answer, anyone else can verify it by hashing your answer once. (Hard to solve, easy to verify.)

Bitcoin mining takes full advantage of puzzle friendliness, as explained in section 5.

3.3 Digital signatures

Before looking at digital signatures, you need some understanding of asymmetric encryption.

3.3.1 What is asymmetric encryption?

Alice wants to send a message to Bob using asymmetric encryption. What does she do?

  1. Bob generates a key pair: a public key and a private key.
  2. Bob's public key is published to everyone, so Alice can obtain it.
  3. Alice encrypts the message with Bob's public key and sends the ciphertext to Bob over the network.
  4. Bob receives the ciphertext and decrypts it with his private key to recover the message.
  5. The communication is complete.

The message stays confidential as long as Bob's private key is not disclosed; the public key can be handed out freely.

3.3.2 What is a digital signature?

Suppose again that Alice wants to send a message to Bob. Why should Alice believe that the public key she obtained is Bob's? Could someone have swapped it? This is where digital signatures come in: Bob can prove that he holds the private key matching a public key.

  1. Bob uses his private key to generate a digital signature over a message
  2. Alice verifies the signature with Bob's public key
  3. If verification succeeds, the signature was produced with the private key matching that public key, which only Bob holds

Note what this does and does not prove. A valid signature shows that whoever signed holds the private key belonging to the public key used for verification. If an attacker had swapped in their own public key, their own signature would verify just as well, so the signature alone cannot tell Alice that the key is Bob's. Binding a key to a person needs an out-of-band check, such as a key fingerprint confirmed in person or a certificate from a party Alice already trusts. Bitcoin sidesteps the issue: coins are locked to the hash of a public key, and whoever can produce a signature under that key can spend them, so there is no separate identity to verify.
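
The sign-and-verify exchange above as an added example that is not part of the original page. It uses a Lamport one-time signature built only from SHA256, chosen so the example runs with the Python standard library; Bitcoin itself signs with ECDSA over the secp256k1 curve, but the shape is the same: a private key signs, the matching public key verifies, and the verifier learns only that the signer holds the private key for the public key it was handed. The message and the names Bob and Mallory are constructed for the example.

```python
import hashlib
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Lamport key pair.

    Private key: 256 pairs of random 32-byte secrets, one pair per message bit.
    Public key: the SHA256 hash of each secret, safe to publish.
    """
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    public = [(H(zero), H(one)) for zero, one in private]
    return private, public


def message_bits(message: bytes):
    """The 256 bits of SHA256(message), most significant bit first."""
    digest = H(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(private, message: bytes):
    """For each bit of H(message), reveal the secret for that bit value.

    A Lamport key must be used ONCE: a second signature reveals more secrets
    and lets an attacker forge messages whose hash mixes the two.
    """
    return [private[i][bit] for i, bit in enumerate(message_bits(message))]


def verify(public, message: bytes, signature) -> bool:
    """Hash each revealed secret and compare with the published hash for that bit."""
    if len(signature) != 256:
        return False
    return all(H(secret) == public[i][bit]
               for i, (bit, secret) in enumerate(zip(message_bits(message), signature)))


def demo() -> dict:
    bob_private, bob_public = keygen()
    message = b"Alice, the payment is on its way"        # constructed message
    signature = sign(bob_private, message)
    mallory_private, mallory_public = keygen()            # the attacker's own key pair
    return {
        "genuine": verify(bob_public, message, signature),               # True
        "tampered_message": verify(bob_public, message + b"!", signature),  # False
        "wrong_key": verify(mallory_public, message, signature),         # False
        # The key-substitution problem from the text: if Alice was handed
        # Mallory's public key as "Bob's", Mallory's own signature verifies.
        "substituted_key": verify(mallory_public, message,
                                  sign(mallory_private, message)),        # True
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `substituted_key` result is the point of the caveat above: verification binds a signature to a public key, not a public key to a person.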

4. How is Bitcoin traded?

4.1 Blockchain

In the Bitcoin system, transactions are stored in blocks. So what exactly is a blockchain?

  • A block consists of a block header and a block body
  • The block header stores the hash of the previous block's header (and, as section 5 explains, the nonce found by mining)
  • The block body stores the actual transactions (Transaction, Tx)

Because each header commits to the hash of the previous header, changing any block changes its hash and breaks the link from every block that follows it; that is what makes the chain tamper-evident.

The blockchain is not stored as a linked-list data structure in memory. It is kept in a (key, value) database where the key is the hash of the block header and the value is the block content. The "links" are the previous-header hashes inside the headers, so a node can walk from any block back to the genesis block by looking up each previous hash in turn.
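
The structure just described, as an added example that is not part of the original page: blocks are stored in a dictionary keyed by header hash, the chain is walked through the `prev` field, and validation recomputes every link. The transaction strings are constructed placeholders, and the body is committed to with a single hash rather than a Merkle tree to keep the example short (Bitcoin builds a Merkle tree over the transactions and applies SHA256 twice to the header, which is the one detail kept here).

```python
import hashlib
import json


def sha256d(data: bytes) -> str:
    """Bitcoin hashes block headers with SHA256 applied twice; hex output."""
    return hashlib.sha256(hashlib.sha256(data).digest()).hexdigest()


def header_hash(header: dict) -> str:
    """The key under which a block is stored: the hash of its header."""
    return sha256d(json.dumps(header, sort_keys=True).encode())


def tx_root(txs) -> str:
    """Stand-in for the Merkle root: one hash over the whole block body."""
    return hashlib.sha256(json.dumps(txs, sort_keys=True).encode()).hexdigest()


def make_block(prev_hash, txs, height: int) -> dict:
    """A block = header (previous header hash + commitment to the body) + body."""
    return {"header": {"prev": prev_hash, "tx_root": tx_root(txs), "height": height},
            "body": list(txs)}


class BlockStore:
    """The (key, value) database from the text: key = header hash, value = block."""

    def __init__(self):
        self.db = {}
        self.tip = None  # hash of the newest block

    def add(self, block: dict) -> str:
        key = header_hash(block["header"])
        self.db[key] = block
        self.tip = key
        return key

    def walk_back(self):
        """Follow the prev pointers from the tip back to the genesis block."""
        key = self.tip
        while key is not None and key in self.db:
            block = self.db[key]
            yield key, block
            key = block["header"]["prev"]

    def validate(self) -> bool:
        """Recheck every link: the stored key matches the header, the header
        matches the body, and each prev pointer names a block we hold."""
        for key, block in self.walk_back():
            if header_hash(block["header"]) != key:
                return False
            if tx_root(block["body"]) != block["header"]["tx_root"]:
                return False
            prev = block["header"]["prev"]
            if prev is not None and prev not in self.db:
                return False
        return True


def build_chain(store: BlockStore, bodies) -> str:
    prev = None
    for height, txs in enumerate(bodies):
        prev = store.add(make_block(prev, txs, height))
    return prev


def rewrite_history(store: BlockStore, height: int, new_txs) -> int:
    """Change the body of one block and rebuild the chain so it validates again.
    Returns how many headers end up with a new hash: the altered block and every
    block after it, because each header commits to the previous header's hash."""
    chain = list(store.walk_back())[::-1]  # genesis first
    bodies = [block["body"] for _, block in chain]
    bodies[height] = list(new_txs)
    old_keys = [key for key, _ in chain]
    store.db.clear()
    store.tip = None
    build_chain(store, bodies)
    new_keys = [key for key, _ in list(store.walk_back())[::-1]]
    return sum(1 for a, b in zip(old_keys, new_keys) if a != b)


# Constructed sample bodies (strings standing in for real transactions).
SAMPLE_BODIES = [["coinbase -> A 50"], ["A -> B 5"], ["B -> C 2"], ["C -> D 1"]]


def demo() -> dict:
    store = BlockStore()
    build_chain(store, SAMPLE_BODIES)
    results = {"fresh_chain_valid": store.validate()}  # True
    # An attacker edits the body of block 1 in the database, leaving headers alone.
    key_of_block_1 = [k for k, b in store.walk_back() if b["header"]["height"] == 1][0]
    store.db[key_of_block_1]["body"].append("A -> Mallory 5")
    results["edited_block_detected"] = not store.validate()  # True
    # To hide the edit, every header from block 1 to the tip must be recomputed.
    results["headers_rewritten"] = rewrite_history(store, 1, ["A -> Mallory 5"])  # 3
    results["rewritten_chain_valid"] = store.validate()  # True
    return results


if __name__ == "__main__":
    print(demo())
```

`rewrite_history` succeeds here because recomputing a header is free. Section 5 adds the proof-of-work requirement to every header, which is what turns "recompute the whole suffix of the chain" into a cost an attacker must actually pay.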

4.2 Accounts

In Bitcoin, an "account" is simply a public/private key pair generated locally:

  • The hash of the public key is used as the address to which coins are sent, the equivalent of a bank account number
  • The private key is the equivalent of the bank password; it must be kept safe and cannot be recovered if lost. Unlike a bank password it cannot be reset: whoever holds the private key can spend the coins, and nobody else can

4.3 Preventing double spending

In a bank, A paying B 100 yuan reduces A's balance by 100 yuan and increases B's by 100 yuan; the balance itself prevents "double spending" (unless the money is stolen after being spent and spent again).

Bitcoin, however, has no account balances recording how much money each user has left. So how does Bitcoin detect a double spend?

4.3.1 Tracing the source of the coins

Every Bitcoin transaction takes as its inputs one or more UTXOs (Unspent Transaction Outputs), that is, outputs of earlier transactions that have not yet been spent. Validating a transaction means checking that each input refers to an output that exists and is still unspent, and that the inputs add up to at least the amount being sent, as in the following example:

  1. A coinbase ("minting") transaction is the block reward a miner receives for mining a new block. Say A mines a block and receives a reward of 10 BTC
  2. A then sends 5 BTC to B and 5 BTC to C in a single transaction. The system checks whether A can pay 10 BTC by tracing the input back to its source: it finds the coinbase transaction with its 10 BTC output, so the transaction is valid
  3. Likewise, when C sends 7 BTC to E, the inputs must point to outputs C received earlier, for example the 5 BTC from A plus 2 BTC from some other transaction

Besides proving where the coins came from, the sender must sign the transaction with the private key matching the address the inputs are locked to, so that only the owner can spend them. A double spend is then simply an attempt to reference the same output as an input a second time; honest nodes reject it because that output is no longer in the UTXO set.

5. Bitcoin mining

5.1 Why mine?

  1. To create bitcoins. New bitcoins come into existence only when a new block is mined. Satoshi Nakamoto set the initial block reward at 50 BTC, halving roughly every four years, so the total supply converges to about 21 million
  2. To package transactions. Mining a new block packages and records the newly broadcast transactions
  3. To reach consensus. Through proof of work plus the reward mechanism, the nodes in the system agree on a single history and have an incentive to keep it honest

5.2 The mining process

Bitcoin mining is a lot like real gold mining:

  • There is a finite amount of gold, and the more that has been dug up, the less remains to be found
  • Mining gold costs technology and physical labour before it pays off; mining bitcoin likewise costs computing power and electricity

Let’s take a brief look at how bitcoin mining works.

5.2.1 Finding the longest valid chain

A miner in Bitcoin is a full node: besides mining, it keeps a complete copy of the block data.

An honest miner mines on the longest valid chain:

  • Longest: the miner only extends the longest chain in the system (strictly, the chain with the most accumulated proof of work)
  • Valid: the miner verifies that the block data has not been tampered with and that every transaction recorded in the block is valid. If it finds that the chain it is on is invalid, it immediately switches to another longest valid chain and continues mining there

5.2.2 Mining and solving the puzzle

Put simply, the mining puzzle is for the miner to find, by brute-force hashing, a number (the nonce) that satisfies the following formula:


H(header || nonce) <= target

  • target is a 256-bit number whose first k bits are 0
  • The larger k, the smaller the target and the harder the mining. Like target shooting: the larger k is, the smaller the target and the harder it is to hit
  • More computing power raises the probability of finding the next block, but it does not guarantee that the current block will be found by the miner with the most computing power

Nakamoto designed the block interval to be about 10 minutes, with the difficulty adjusted every two weeks (every 2016 blocks). For example, if the average block time over the last adjustment period was 7 minutes the difficulty increases; if blocks were slower than 10 minutes it decreases.
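
The puzzle from this section and the puzzle-friendliness property of section 3.2.3 in one added example that is not part of the original page: a nonce is appended to a constructed header and hashed (twice with SHA256, as Bitcoin does for block headers) until the result is at or below a target with k leading zero bits; verification is a single hash; nearby nonces are checked to show that a solution says nothing about its neighbours; and a retarget function applies the "7 minutes instead of 10" rule. The header bytes and the leading-zero-bit form of the target are simplifications: Bitcoin encodes the target in the header's "bits" field and the nonce is a field inside the 80-byte header rather than appended to it.

```python
import hashlib
import struct
import time


def sha256d(data: bytes) -> bytes:
    """Bitcoin's block hash is SHA256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_with_zero_bits(k: int) -> int:
    """The largest 256-bit value whose first k bits are zero."""
    return (1 << (256 - k)) - 1


def block_hash(header: bytes, nonce: int) -> int:
    """H(header || nonce) from the text, as an integer in [0, 2**256)."""
    return int.from_bytes(sha256d(header + struct.pack("<I", nonce)), "big")


def mine(header: bytes, target: int, max_nonce: int = 1 << 32):
    """Brute-force nonce search. Returns (nonce, attempts); nonce is None if exhausted."""
    for nonce in range(max_nonce):
        if block_hash(header, nonce) <= target:
            return nonce, nonce + 1
    return None, max_nonce


def verify(header: bytes, nonce: int, target: int) -> bool:
    """Checking a claimed solution costs a single hash."""
    return block_hash(header, nonce) <= target


def neighbours_that_also_solve(header: bytes, nonce: int, target: int, window: int = 100) -> int:
    """Memorylessness: count solutions among the next `window` nonces (usually 0)."""
    return sum(1 for n in range(nonce + 1, nonce + 1 + window)
               if block_hash(header, n) <= target)


def retarget(old_target: int, actual_seconds: int, expected_seconds: int) -> int:
    """Difficulty adjustment: scale the target by actual/expected block time.
    Bitcoin does this every 2016 blocks and clamps each change to a factor of 4.
    Faster blocks -> smaller target -> more leading zeros required."""
    actual = max(expected_seconds // 4, min(expected_seconds * 4, actual_seconds))
    return max(1, min(old_target * actual // expected_seconds, target_with_zero_bits(0)))


# Constructed header; in Bitcoin these are the 76 header bytes before the nonce field.
HEADER = b"version|prev_hash|merkle_root|time|bits"


def demo(k: int = 16) -> dict:
    target = target_with_zero_bits(k)
    t0 = time.perf_counter()
    nonce, attempts = mine(HEADER, target)
    solve_time = time.perf_counter() - t0
    t0 = time.perf_counter()
    ok = verify(HEADER, nonce, target)
    verify_time = time.perf_counter() - t0
    return {
        "k": k,
        "nonce": nonce,
        "attempts": attempts,                       # on average about 2**k
        "valid": ok,
        "solve_over_verify": solve_time / max(verify_time, 1e-9),
        "neighbours_solving": neighbours_that_also_solve(HEADER, nonce, target),
        # Blocks came every 7 minutes instead of 10: the target shrinks to 70 %.
        "target_after_fast_period": retarget(target, 7 * 60, 10 * 60) / target,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Raising k by one doubles the expected number of attempts while `verify` stays at one hash, which is the "hard to solve, easy to verify" asymmetry that lets every node check a block far more cheaply than the miner produced it.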

5.2.3 Broadcasting the block

After solving the puzzle, the miner must quickly broadcast the assembled block to its neighbouring nodes, so that the block is accepted into the longest valid chain and the miner collects the block reward and the transaction fees.

5.2.4 The six-confirmation rule

The network is unreliable and delays are likely during the broadcast phase, so a transaction does not take effect the moment it is included in a block. Following Satoshi's analysis, the convention is that a block needs six further blocks on top of it (six confirmations) before the transactions in it are treated as settled.

Why?

  1. To prevent double spending. Suppose miners a and b mine new blocks at the same time and both broadcast them. Block a records A paying 10 BTC to B, and block b records A paying 10 BTC to C, while A only has 10 BTC. If both blocks were accepted there would be a double spend. Only one of the two forks will go on to be extended, so a recipient should wait until the block holding their payment is buried deep enough that the other fork has been abandoned
  2. Why six? Nakamoto estimated that it takes about an hour to mine six blocks, and by then the cost of rewriting history with a competing fork is prohibitive for an attacker with a minority of the hash rate
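
The "cost to an attacker" in point 2 can be put in numbers. Section 11 of the Bitcoin white paper gives the probability that an attacker controlling a fraction q of the hash rate, starting z blocks behind, ever catches up with the honest chain; the added example below (not part of the original page) implements that formula and also covers the 51% case of the next section, where q >= 0.5 makes the probability 1. The tabulated value in the white paper for q = 0.1 and z = 6 is 0.0002428, and the smallest z that keeps the risk below 0.1% at q = 0.1 is 5.

```python
import math


def attacker_success(q: float, z: int) -> float:
    """Probability that an attacker with a fraction q of the hash rate ever
    catches up after the honest chain is z blocks ahead (white paper, section 11).

    The honest chain advances with probability p = 1 - q per block. While the
    honest miners produce z blocks the attacker's progress is Poisson with mean
    z*q/p; from k blocks of progress the attacker still has to close a gap of
    z - k, which succeeds with probability (q/p)**(z-k).
    """
    p = 1.0 - q
    if q >= p:
        return 1.0                  # a majority attacker always catches up eventually
    lam = z * q / p
    total = 0.0
    for k in range(z + 1):
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        total += poisson * (1.0 - (q / p) ** (z - k))
    return 1.0 - total


def confirmations_needed(q: float, risk: float, limit: int = 1000) -> int:
    """Smallest number of confirmations z for which attacker_success(q, z) < risk."""
    for z in range(limit + 1):
        if attacker_success(q, z) < risk:
            return z
    return limit


def table(qs=(0.1, 0.3, 0.45, 0.51), zs=(0, 1, 2, 6, 12)) -> dict:
    """Attacker success probability for a few hash-rate shares and depths."""
    return {q: [round(attacker_success(q, z), 6) for z in zs] for q in qs}


if __name__ == "__main__":
    for q, row in table().items():
        print(f"q={q:.2f}: " + " ".join(f"{v:.6f}" for v in row))
    print("confirmations for <0.1% risk at q=0.1:", confirmations_needed(0.1, 0.001))
```

Six confirmations is therefore not a fixed guarantee: it gives a risk well below 0.1% against a 10% attacker, a far larger one against a 30% attacker, and no protection at all once the attacker holds a majority, which is exactly the 51% case below.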

5.3 The 51% attack

Suppose some group controls 51% of the network's computing power and mines on its own private chain. At some point that chain will, in expectation, become the longest. When it is broadcast it becomes the longest valid chain, and the transactions on the old chain are replaced by the group's.

  • A 51% attacker can only replace transactions on the chain with other valid transactions; it cannot steal other users' bitcoin, because honest nodes still verify the signatures on every transaction and reject blocks containing invalid ones
  • A 51% attacker can double spend, defeating the six-confirmation rule through sheer computing power. For example, A => B (10 BTC) has been confirmed, where A is the attacker and the transaction carries A's signature. After the attack is launched, the chain is rewritten to contain A => C (10 BTC) instead, where C is another account belonging to the attacker
  • 51% is only a symbolic number; an attack does not strictly require 51%. Some research groups have shown that around 30% of the total network hash rate is enough to launch a "51%" attack. (Why only 30%? My guess is that the remaining power is split among competing parties, while the 30% acts as one.)

One mining pool (GHash.IO) once exceeded 51% of the hash rate, which caused the price of Bitcoin to fall sharply, and many miners voluntarily left the pool to protect the safety of the system.

The Bitcoin system thus forms a closed loop between security, value and healthy mining: the higher the total hash rate, the harder a 51% attack and the more secure the system, which in turn supports the price of Bitcoin. Someone with enough hash rate to attack would not necessarily gain anything from the attack, and is better off putting all of that hash rate into honest mining.

6. Disadvantages of Bitcoin

  1. The proof-of-work mechanism consumes large amounts of computing power and electricity
  2. Blocks are produced only about every 10 minutes on average, and a transaction takes about an hour (six confirmations) to be considered settled
  3. A lost private key cannot be recovered, and the bitcoin at that address can never be spent again
  4. A transfer to a wrong address cannot be reversed

References

  • Zero-based Blockchain
  • Peking University teacher Xiao Zhen’s open class
  • Bitcoin White Paper
  • Illustration of Blockchain
  • Graphic Cryptography