Bitcoin depends on two complementary technologies, digital tokens and blockchain, that together facilitate digital identity, ownership, transactions, contracts, and trust.
Bitcoin and blockchain are based on two cryptographic techniques—hashes and public/private-key encryption—that today invisibly secure the transmission of personal information and purchases online:
- A hash is a mathematical function that converts a string of arbitrary length into a string of fixed length. It is one-way: easy to compute but impossible to reverse. It serves as an efficient way to summarize a document. And it is hypersensitive: the slightest change to the document changes its hash totally.
- In public/private-key encryption, a string is encrypted with one number, but the result can be decrypted only by using its pair. One number (the “public key”) is published in some universal and reliable manner, and the other is kept private. A party can securely send a message by encrypting with the intended recipient’s public key, which only the latter can decrypt. Or a party can digitally “sign” a document by encrypting it (or more likely, its hash) with his or her private key. Anybody can then use the sender’s public key to decrypt the document, thereby confirming that only the owner of the associated private key could have sent it.
As described in the companion article “Thinking Outside the Blocks,” a bitcoin is simply a sequence of digital signatures, each certifying transfer from one pseudonymous holder to the next. (“Pseudonymous” because bitcoin owners are identified by their public keys.) Each payer signs with his or her private key a record of transfer to the recipient’s public key. Included in the transaction record is a hashed summary of the previous transaction. So anybody can check that the record of one transaction was indeed correctly hashed into the next and thus trace an unbroken series of valid transfers back to the creation of the coin. The content of a bitcoin guarantees its “ancestry.”
Proven ancestry does not prevent a valid bitcoin from being spent more than once. So the proposed transaction is distributed over the internet to an open network of “nodes” that compete to assemble valid transactions into a “block.” Software run on a node checks the history of the bitcoin to make sure it has not already been spent by the payer. A new block, typically containing about 200 transactions, is created every ten minutes. The next block contains the hash of its predecessor, so the blocks form a continuous “blockchain.” The blockchain thus guarantees “inheritance.”
Very quickly a block becomes immutable, since the hashes in all subsequent blocks depend on it. Rewriting a transaction would require recomputing all subsequent blocks, and doing so faster than the rest of the network can add new blocks.
The owners of these node machines, called bitcoin “miners,” are motivated to perform the service of validating transactions through a “contest” to create the next block. The winner receives 12.5 newly minted bitcoins. Because some 5,700 nodes are working in parallel, discrepancies may arise from fraud or slow synchronization. But nodes follow a simple rule: always prefer the longest blockchain. This is the so-called consensus mechanism. Nodes do not need to be trusted to do this. Following the consensus is rational because each node knows—and knows that all other nodes know—that the reward will be automatically cancelled if a string of blocks becomes orphaned. No external institution, legal obligation, or altruistic motivation is required; the software defines a positive-sum game.
The contest involves solving, by trial and error, a hashing problem. This requires on average 10,000 terahashes per block. The inefficiency is the point: this so-called proof-of-work raises the cost of corrupting the system. To rewrite a block or conduct a denial-of-service attack, an antagonist would have to overwhelm the immense computational power of 51% of the network. It is a better business proposition to mine bitcoin by validating transactions.