Center for Strategic Assessment and forecasts

Autonomous non-profit organization

Still don't understand what bitcoin is? Let's sort it out
Publication date: 21-12-2017
The rising price of bitcoin, a virtual currency now worth more than $250 billion in total, has attracted a great deal of attention in recent weeks. But the real significance of bitcoin is not its growing price. It is the technological breakthrough that made the network possible in the first place. Bitcoin's still unidentified inventor, known by the pseudonym Satoshi Nakamoto, developed an entirely new way for a decentralized network to reach consensus on a shared transaction ledger. That innovation made possible the fully decentralized electronic payment system that cypherpunks had dreamed of for decades.

How does bitcoin work? How do digital signatures make virtual payments possible? How does Nakamoto's invention solve the double-spending problem that sank earlier attempts at digital currency? And what does the future hold for bitcoin? All in good time.

Cryptocurrencies became possible thanks to asymmetric cryptography

Until the 1970s, every known encryption scheme was symmetric: the recipient of an encrypted message had to use the same secret key to decrypt it that the sender had used to encrypt it. That changed with the arrival of asymmetric (public-key) cryptography. In these schemes the key used to decrypt a message (the private key) differs from the key used to encrypt it (the public key), and there is no practical way to derive the private key from the public one.

Whitfield Diffie, a key figure in the development of cryptography in the 1970s

This means you can freely publish your public key, and anyone can use it to encrypt a message that only you, the holder of the private key, can decrypt. This breakthrough transformed the field, because it became clear that any two people could communicate securely over an insecure channel without worrying that someone else would be able to read their messages.

Another innovative use of asymmetric cryptography is the digital signature. In ordinary public-key encryption, the sender encrypts a message with the recipient's public key and the recipient decrypts it with their own private key. Signatures turn this around: the sender applies their own private key to the message, and the recipient checks the result with the sender's public key. (The picture of "encrypting with the private key" is literally true only for RSA-style schemes. In general a signature scheme is a separate pair of signing and verification algorithms, and the scheme bitcoin uses, ECDSA, does not encrypt anything. The security property is the same.)

This does not protect the secrecy of the message, since anyone can obtain the public key. But it provides cryptographic proof that the message was produced by the holder of the private key, and anyone with the public key can check that proof without knowing the secret.

People quickly realized that digital signatures could make cryptographically secure digital money possible. To use the classic example, suppose Alice has a coin and wants to give it to Bob.

She writes the message "I, Alice, give this coin to Bob" and signs it with her private key. Now Bob, or anyone else, can verify the signature with Alice's public key. Since only Alice could have produced a valid signature, Bob can use the signed message to demonstrate that the coin now belongs to him.

If Bob wants to pass the coin on to Carol, he follows the same procedure, declaring that the coin now belongs to Carol and signing the declaration with his private key. Carol can then present the chain of signatures, Alice's signature transferring the coin to Bob and Bob's signature transferring it to Carol, as proof that she owns the coin.

Note that none of this requires a trusted third party to authorize or authenticate transactions. Alice, Bob and Carol can each generate their own key pair without anyone's help, and anyone who knows Alice's and Bob's public keys can independently check whether the chain of signatures is cryptographically valid. Digital signatures, combined with several further innovations discussed below, let people do banking without a bank.
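The chain of signatures described above, as an added example that is not code from the original article: ECDSA over secp256k1 (the curve and signature scheme bitcoin actually uses) in pure Python, followed by the Alice, Bob and Carol transfer chain and a forged link that fails verification. The curve arithmetic, the nonce derivation (a simplified stand-in for RFC 6979), the message format and the toy private keys are the example's own choices, not anything the article specifies.

```python
import hashlib
import hmac

# secp256k1 domain parameters, the curve bitcoin uses for ECDSA (SEC 2)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(a, b):
    """Add two curve points; None stands for the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2:
        if (y1 + y2) % P == 0:                        # b == -a
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P    # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P     # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def point_mul(k, point):
    """Double-and-add scalar multiplication (not constant-time: a demo, not a wallet)."""
    result, addend = None, point
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def pubkey(priv):
    return point_mul(priv, G)


def _msg_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def sign(priv, msg):
    z = _msg_int(msg)
    ctr = 0
    while True:
        # Nonce derived from key and message so it is never reused across messages
        # (simplified stand-in for RFC 6979). A reused or leaked k reveals the private key.
        k = int.from_bytes(hmac.new(priv.to_bytes(32, "big"), msg + ctr.to_bytes(4, "big"),
                                    hashlib.sha256).digest(), "big") % N
        ctr += 1
        if k == 0:
            continue
        r = point_mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * priv) % N
        if r and s:
            return r, s


def verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    pt = point_add(point_mul(_msg_int(msg) * w % N, G), point_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r


# --- the coin-transfer chain from the text, built on the primitives above ---

def transfer_msg(coin, to_pub):
    """'I, the current owner, give this coin to <public key>'."""
    return f"coin {coin}: give to {to_pub[0]:064x}{to_pub[1]:064x}".encode()


def transfer(owner_priv, coin, to_pub):
    return {"to": to_pub, "sig": sign(owner_priv, transfer_msg(coin, to_pub))}


def current_owner(origin_pub, coin, transfers):
    """Walk the chain: each link must be signed by the previous owner.
    Returns the final owner's public key, or None if any link is forged."""
    owner = origin_pub
    for t in transfers:
        if not verify(owner, transfer_msg(coin, t["to"]), t["sig"]):
            return None
        owner = t["to"]
    return owner


# Toy private keys, constructed for the example (real keys are 256-bit random numbers)
ALICE, BOB, CAROL, MALLORY = 0xA11CE, 0xB0B, 0xCA201, 0x3A1


def demo():
    alice_pub, bob_pub, carol_pub = pubkey(ALICE), pubkey(BOB), pubkey(CAROL)
    chain = [transfer(ALICE, "coin-1", bob_pub),     # Alice -> Bob
             transfer(BOB, "coin-1", carol_pub)]     # Bob -> Carol
    carol_owns = current_owner(alice_pub, "coin-1", chain) == carol_pub
    # Mallory appends "give coin-1 to Mallory" but signs it with her own key, not Carol's
    forged = chain + [transfer(MALLORY, "coin-1", pubkey(MALLORY))]
    forgery_rejected = current_owner(alice_pub, "coin-1", forged) is None
    return carol_owns, forgery_rejected


if __name__ == "__main__":
    print(demo())
```

Verification needs nothing but the public keys and the signed messages, which is the whole point of the paragraph above: no bank sits in the loop. Note what the chain does not do: nothing stops Alice from signing a second message giving the same coin to Dave. That is the double-spending problem the rest of the article is about.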

How bitcoin transactions work

The general digital-cash scheme described in the previous section is quite close to how real bitcoin payments work. Here is a simplified diagram of real bitcoin transactions:

A bitcoin transaction contains a list of inputs and a list of outputs. Each output is associated with a particular public key. To spend the coins in that output later, a new transaction needs an input carrying a digital signature that verifies under that public key. Bitcoin uses elliptic-curve cryptography (ECDSA over the secp256k1 curve) for its signatures.

For example, suppose you hold the private key corresponding to Public Key D in the diagram above, and someone wants to send you 2.5 bitcoins. That person creates a transaction like Transaction 3, with 2.5 bitcoins going to you, the owner of Public Key D.

When you are ready to spend those bitcoins, you create a new transaction like Transaction 4. You list Transaction 3, output 1, as the source of funds (outputs are numbered from zero, so output 1 is the second output). You use your private key to produce Signature D, which anyone can verify with Public Key D. The 2.5 bitcoins are now split between two new outputs: 2 bitcoins to Public Key E and 0.5 bitcoins to Public Key F. Only the holders of the corresponding private keys can spend them.

A transaction can have several inputs, and it must consume the entire value of every output it references; there is no way to spend half of an output. If a transaction's outputs add up to less than its inputs, the difference is treated as a transaction fee, paid to the miner who includes the transaction in a block. More on that later.
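The input/output bookkeeping just described, as an added example that is not part of the original article: a minimal UTXO ("unspent transaction output") set with the checks a node applies before accepting a transaction. The class and function names (OutPoint, TxOut, apply_tx and so on) are the example's own, and the "signature" is a labelled stand-in with no security value, used only so the accounting can run without ECDSA; a real node verifies an ECDSA signature over the transaction's signature hash at that point. The example replays Transaction 3 and Transaction 4 from the text and then shows three ways a transaction is rejected: spending an output that is already spent, paying out more than the inputs carry, and signing with the wrong key.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class OutPoint:
    txid: str
    index: int          # outputs are numbered from zero: output 1 is the second output


@dataclass(frozen=True)
class TxOut:
    value: int          # in satoshis (1 BTC = 100,000,000 satoshis)
    pubkey: bytes       # who may spend it (a real node stores a locking script here)


@dataclass(frozen=True)
class TxIn:
    prev: OutPoint      # the earlier output being spent
    sig: bytes          # proof that the spender holds the matching private key


@dataclass(frozen=True)
class Tx:
    inputs: tuple
    outputs: tuple


def sighash(tx):
    """Digest of everything except the signatures, which are computed over this digest."""
    h = hashlib.sha256()
    for i in tx.inputs:
        h.update(f"{i.prev.txid}:{i.prev.index}|".encode())
    for o in tx.outputs:
        h.update(o.value.to_bytes(8, "little") + o.pubkey + b"|")
    return h.digest()


def txid(tx):
    """Transaction id: double SHA-256 of the signed transaction (bitcoin hashes the full serialization)."""
    data = sighash(tx) + b"".join(i.sig for i in tx.inputs)
    return hashlib.sha256(hashlib.sha256(data).digest()).hexdigest()


# STAND-IN for ECDSA with no security value: anyone could compute this "signature".
# It exists only so the accounting rules below can run without a curve implementation.
def demo_sign(pubkey, tx):
    return hashlib.sha256(b"demo-sig:" + pubkey + sighash(tx)).digest()


def demo_verify(pubkey, sig, tx):
    return sig == demo_sign(pubkey, tx)


def build_tx(spends, outputs, sign=demo_sign):
    """spends: [(OutPoint, spender's pubkey)]. Signs every input over the sighash."""
    unsigned = Tx(tuple(TxIn(p, b"") for p, _ in spends), tuple(outputs))
    return Tx(tuple(TxIn(p, sign(pk, unsigned)) for p, pk in spends), unsigned.outputs)


def apply_tx(utxos, tx, verify=demo_verify):
    """Validate tx against the unspent-output set and update the set in place.
    Returns the fee (inputs minus outputs) in satoshis; raises ValueError on any violation.
    All checks run before anything is modified, so a rejected tx leaves the set untouched."""
    if not tx.inputs or not tx.outputs:
        raise ValueError("transaction must have inputs and outputs")
    if len({i.prev for i in tx.inputs}) != len(tx.inputs):
        raise ValueError("same output referenced twice in one transaction")
    total_in = 0
    for i in tx.inputs:
        if i.prev not in utxos:
            raise ValueError(f"{i.prev} is not unspent (unknown or already spent)")
        if not verify(utxos[i.prev].pubkey, i.sig, tx):
            raise ValueError(f"signature for {i.prev} does not verify")
        total_in += utxos[i.prev].value
    if any(o.value < 0 for o in tx.outputs):
        raise ValueError("negative output value")
    total_out = sum(o.value for o in tx.outputs)
    if total_out > total_in:
        raise ValueError("outputs exceed inputs")
    for i in tx.inputs:
        del utxos[i.prev]                   # the referenced output is consumed entirely
    tid = txid(tx)
    for n, o in enumerate(tx.outputs):
        utxos[OutPoint(tid, n)] = o         # the new outputs become spendable
    return total_in - total_out


def demo():
    D, E, F = b"pubkey-D", b"pubkey-E", b"pubkey-F"            # constructed stand-in keys
    utxos = {OutPoint("tx3", 1): TxOut(250_000_000, D)}        # Transaction 3, output 1: 2.5 BTC to D
    tx4 = build_tx([(OutPoint("tx3", 1), D)],
                   [TxOut(200_000_000, E), TxOut(49_000_000, F)])  # 2 BTC to E, 0.49 BTC to F
    results = {"fee": apply_tx(utxos, tx4), "utxos_after": len(utxos)}  # 0.01 BTC left for the miner
    attempts = {
        "double_spend": tx4,                                                   # tx3:1 is gone
        "overspend": build_tx([(OutPoint(txid(tx4), 0), E)], [TxOut(300_000_000, F)]),
        "wrong_key": build_tx([(OutPoint(txid(tx4), 1), E)], [TxOut(49_000_000, E)]),
    }
    for name, tx in attempts.items():
        try:
            apply_tx(utxos, tx)
            results[name] = "accepted"
        except ValueError as err:
            results[name] = f"rejected: {err}"
    return results


if __name__ == "__main__":
    for key, val in demo().items():
        print(key, val)
```

The fee is never written anywhere in the transaction; it is simply whatever the outputs leave unclaimed, which is why a wallet that forgets to add a change output to itself pays the whole remainder to the miner.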

The bitcoin addresses that people use to send bitcoins to each other are derived from public keys like Public Key D. The exact address formats are complicated and have changed over time, but a classic bitcoin address can be thought of as a hash (a short, random-looking string of bits that serves as a cryptographic fingerprint) of the public key. Addresses are encoded in a custom format called Base58Check, which leaves out easily confused characters such as 0, O, I and l and appends a checksum, so that a mistyped address is detected rather than sending coins to an unspendable destination. A typical bitcoin address looks like this: 18ZqxfuymzK98G7nj6C6YSx3NJ1MaWj6on.
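The Base58Check encoding, as an added example rather than the article's own code. It starts from the 20-byte hash160 (RIPEMD-160 of SHA-256 of the public key) and shows the version byte, the four-byte double-SHA-256 checksum, and the convention that each leading zero byte becomes a leading "1". The sample address is the well-known genesis block coinbase address, used here as constructed input; the address printed in the paragraph above can be passed to decode_address in the same way.

```python
import hashlib

# Base58: no 0, O, I or l, so addresses survive being read aloud or retyped
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def checksum(payload):
    """First four bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def b58encode(data):
    n = int.from_bytes(data, "big")
    digits = ""
    while n:
        n, rem = divmod(n, 58)
        digits = ALPHABET[rem] + digits
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    return "1" * leading_zeros + digits            # each leading zero byte becomes a '1'


def b58decode(text):
    n = 0
    for ch in text:
        if ch not in ALPHABET:
            raise ValueError(f"character {ch!r} is not valid in Base58")
        n = n * 58 + ALPHABET.index(ch)
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    leading_ones = len(text) - len(text.lstrip("1"))
    return b"\x00" * leading_ones + body


def encode_address(version, hash160):
    """Base58Check: version byte || 20-byte hash || 4-byte checksum. Version 0 gives a '1...' address."""
    if len(hash160) != 20:
        raise ValueError("hash160 must be 20 bytes")
    payload = bytes([version]) + hash160
    return b58encode(payload + checksum(payload))


def decode_address(address):
    """Return (version, hash160), or raise ValueError if the checksum does not match."""
    raw = b58decode(address)
    if len(raw) != 25:
        raise ValueError("wrong length")
    payload, chk = raw[:21], raw[21:]
    if checksum(payload) != chk:
        raise ValueError("checksum mismatch: mistyped address?")
    return payload[0], payload[1:]


def demo():
    # Constructed input: the well-known address from bitcoin's genesis block coinbase
    address = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"
    version, h160 = decode_address(address)
    round_trip = encode_address(version, h160) == address
    typo = address[:10] + address[11] + address[10] + address[12:]   # two adjacent characters swapped
    try:
        decode_address(typo)
        typo_detected = False
    except ValueError:
        typo_detected = True
    return {"version": version, "hash160": h160.hex(),
            "round_trip": round_trip, "typo_detected": typo_detected}


if __name__ == "__main__":
    print(demo())
```

A wallet should refuse to build a transaction when decode_address raises: with a 32-bit checksum, a random typo slips through only about once in four billion times, but an address that does pass the check can still belong to the wrong person, which the checksum cannot tell you.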

The transaction shown above takes 6.07 bitcoins from one input address and splits them between two output addresses. One output receives a little over 5 bitcoins and the other a little under 1 bitcoin. Most likely one of the output addresses belongs to the sender, who is sending "change" back to themselves, and the other belongs to a third party.

Of course, real bitcoin transactions can be far more complicated than the simple examples above. Perhaps the most important feature not shown in the diagrams is that, instead of a bare public key, an output can carry a verification script written in a simple stack-based scripting language specific to bitcoin. To spend that output, the spending transaction must supply arguments that make the script evaluate to true.

This lets the bitcoin network enforce arbitrarily complex conditions on how money may be spent. For example, a script can require signatures from three different keys held by different people, or forbid spending until a certain time in the future. Unlike Ethereum's language, bitcoin's Script has no loops, so every script is guaranteed to finish in a short, bounded amount of time.

How bitcoin prevents double-spending

Many people in the 1980s and 1990s wanted to use digital signatures to build a fully decentralized electronic cash system. But a fully decentralized digital currency faces two big problems that demand solutions.

The first is how to introduce new coins into the system. A viable payment network obviously needs a way to create new coins, but if anyone could create new coins at any time, the currency would quickly become worthless.

The second problem is double-spending. Bitcoin's rules say that each transaction output can be spent only once. If someone tries to spend the same output twice, the network needs some way to detect the attempt and reject the second transaction.

The obvious solution would be to create a company that maintains a master record of all transactions. That is how traditional payment networks like MasterCard and PayPal work. But bitcoin's inventor, Satoshi Nakamoto, wanted to build a network not controlled by any single organization.

So Nakamoto invented a shared ledger, the blockchain, maintained by computers called nodes that operate in a peer-to-peer network. Thousands of computers around the world each store a separate copy of the entire blockchain, which holds every transaction that has occurred since the network launched in 2009. The network rewards the nodes that help build the blockchain by letting them create new bitcoins; this solves the coin-distribution problem and at the same time creates the incentive that solves the ledger-updating problem.

It works like this: when a user wants to make a bitcoin payment, they use wallet software to create a new transaction. From the user's point of view this just means entering the amount and the recipient's bitcoin address and pressing "send".

The client software assembles the transaction and sends it to nearby nodes in the bitcoin network. The first nodes to hear about the transaction pass it on to others, until it has spread across the whole network.

Some nodes are miners, the participants who actually update the blockchain. A miner gathers a list of all the transactions it has heard about that are not yet in the blockchain. It then checks that each transaction follows all of bitcoin's rules: the signatures are valid, the outputs do not exceed the inputs, the inputs are still unspent, and so on, discarding any that fail. The result is a list of verified transactions for a new candidate block. The miner also adds a special transaction paying itself a fixed reward, currently 12.5 bitcoins per block.

At current prices 12.5 bitcoins is worth more than $200,000, so plenty of people would like to add the next block to the blockchain. To win the right to do so, miners race each other by performing the same calculation over and over. They add a random value (a nonce) to the candidate block they have created and then hash it with SHA-256 (applied twice, in bitcoin's case), producing a short, random-looking string of ones and zeros that serves as a cryptographic fingerprint of the block.

The goal is to find a block whose hash is very small, that is, whose binary value starts with a long run of zeros. Right now, for example, a winning block needs a SHA-256 hash that starts with at least 72 zero bits.

Since SHA-256 output is effectively random, the only way to find a qualifying block is repeated guessing. Most of the time the hash value will be too high, and the miner has to repeat the process with a different nonce, computing a different hash. The network currently computes about 7 × 10^21 SHA-256 hashes, on average, for every block it finds.

Whoever finds a block first announces it to the rest of the network. Everyone else confirms that the hash is low enough and that the block's transactions are valid. If so, they add the block to their copy of the blockchain, and the race starts over.

How does the bitcoin network reach consensus?

Bitcoin's most important innovation is a fully decentralized consensus process for resolving disagreements about which block should be added to the blockchain, the chain of blocks. The diagram above illustrates how it works.

Suppose two nodes discover a new block at about the same time, that is, both find blocks whose hash is below the target value. These are the red and green blocks at step 2 in the diagram. Only one of them can become part of the blockchain, because they largely contain the same transactions.

To decide which block to keep, the network moves on to the next round of the race. Miners begin searching for a second new block. Whoever finds it will have built it on top of one of the two competing blocks from the previous round, since every block contains a pointer to its predecessor. When that happens, the new block (purple) and its predecessor (green) become part of the official blockchain, and the other competing block (red) is discarded.

In principle such a tie could repeat. Someone could find another block at the same time as the purple one, and it could point to the red block instead. The race would then continue into a third round, and the winning block in that round would decide which of the two competing chains becomes the official blockchain.

But this confusion cannot last long, because nodes build on the block with the most predecessors (strictly speaking, the chain with the most accumulated proof of work) and, in case of a tie, on the block they heard about first. So as soon as someone finds a block like the purple one at step 3, making one chain longer than its competitor, everyone else is supposed to switch to that chain and start working on the block after purple.

Miners have a reason to follow this longest-chain rule: they only collect the 12.5 BTC reward if their block ends up in the consensus blockchain. Since most other nodes follow the rule, a block's chances of being accepted are high if it is built on the end of the chain that is already longest, like the purple block in the diagram above.

If a miner insists on building on a different block (say, the red one), any block it finds will at best tie with the purple block. But miners build on the block they heard about first, so the new block will be ignored.

Now suppose someone wants to undermine the integrity of the network by spending the same coin twice. The attacker makes a payment, waits for the recipient to accept it (and hand over goods or a service in return), and then tries to erase the payment from the blockchain so the same coins can be sent to someone else. Here is how that looks:

In this diagram, the legitimate transaction the attacker wants to undo sits in the yellow block. At step 2 the attacker produces a new block, the gray one (drawn with horns), containing the conflicting double-spend transaction. The attack succeeds if the attacker can get the network to drop the yellow block in favor of the gray one.

To do that, the attacker must extend their branch of the blockchain faster than the rest of the network extends the legitimate branch. At first the attacker gets lucky and adds the orange block at step 3. That makes the malicious chain as long as the legitimate one, but remember that honest nodes keep building on the green block because they heard about it first.

The question is who finds the next block. In scenario 4A the attacker finds it, and the attack succeeds: honest nodes following the longest-chain rule accept the gray and orange blocks as the main chain and discard the yellow and green blocks they had previously accepted, and with them the payment to the merchant.

In scenario 4B the honest nodes extend their lead. Here the attacker's chain is drawn grayed out, but it is not lost yet: the attacker can keep adding blocks, and is only truly defeated once the honest nodes have built up a lead the attacker has no realistic chance of overcoming.
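The fork-choice rule and the double-spend race just described, as an added example that is not part of the original article: a minimal model of one node's view of the block tree. It applies exactly the two rules in the text, follow the longest chain and break ties in favour of the block heard first (Bitcoin Core compares accumulated proof of work rather than block count, which is the same thing while difficulty is constant), and replays steps 1 to 4 of the diagrams for both outcomes. The block names, the "pay-merchant" transaction and the Node class are the example's own constructions.

```python
class Node:
    """One node's view of the block tree. The node follows the longest chain and,
    on a tie, the block it heard about first."""

    def __init__(self):
        self.blocks = {"genesis": {"parent": None, "height": 0, "seen": 0, "txs": frozenset()}}
        self.seen = 0

    def receive(self, block_id, parent_id, txs=()):
        """Accept a block announced by the network. Returns False for a duplicate or an
        orphan (unknown parent), which a real node would hold aside until the parent arrives."""
        if block_id in self.blocks or parent_id not in self.blocks:
            return False
        self.seen += 1
        self.blocks[block_id] = {"parent": parent_id,
                                 "height": self.blocks[parent_id]["height"] + 1,
                                 "seen": self.seen, "txs": frozenset(txs)}
        return True

    def tip(self):
        # greatest height wins; among equals, the lowest 'seen' number (heard first) wins
        return max(self.blocks, key=lambda b: (self.blocks[b]["height"], -self.blocks[b]["seen"]))

    def main_chain(self):
        chain, b = [], self.tip()
        while b is not None:
            chain.append(b)
            b = self.blocks[b]["parent"]
        return chain[::-1]

    def confirmations(self, txid):
        """Depth of the block holding txid on the main chain (1 = in the tip); 0 if it is not there."""
        for depth, b in enumerate(reversed(self.main_chain()), start=1):
            if txid in self.blocks[b]["txs"]:
                return depth
        return 0


def double_spend_scenario(attacker_wins_round_4):
    """Replays the race from the diagrams: yellow holds the payment to the merchant,
    gray (the attacker's block) holds the conflicting spend of the same coin."""
    node = Node()
    node.receive("yellow", "genesis", txs={"pay-merchant"})   # step 1: honest block, heard first
    node.receive("gray", "genesis", txs={"pay-self"})         # step 2: attacker's double spend
    node.receive("green", "yellow")                           # step 3: honest miners extend yellow...
    node.receive("orange", "gray")                            # ...the attacker extends gray: a tie
    tip_after_step3 = node.tip()                              # honest nodes stay on green
    if attacker_wins_round_4:
        node.receive("attacker-4a", "orange")                 # 4A: attacker's chain is now longest
    else:
        node.receive("honest-4b", "green")                    # 4B: honest lead grows to one block
    return tip_after_step3, node.main_chain(), node.confirmations("pay-merchant")


if __name__ == "__main__":
    for outcome in (True, False):
        tip3, chain, confs = double_spend_scenario(outcome)
        print("attacker wins round 4:", outcome, "| chain:", chain,
              "| confirmations of the merchant's payment:", confs)
```

In scenario 4A the merchant's payment drops to zero confirmations: it is still a valid, signed transaction, but it now conflicts with one already on the main chain and will never be mined again. That is why a merchant counts confirmations rather than trusting a transaction the moment it appears in a block.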

Computing power protects the blockchain

Mining bitcoins is a probabilistic process, so whether an attack succeeds depends partly on luck. It also depends on whether the attacker controls more computing power than the rest of the network combined. If so (the scenario known as a "51% attack"), the attack will eventually succeed. If the attacker controls less than half of the network's total computing power, the attack is unlikely to succeed, especially if the honest nodes have a decent head start; every additional block (confirmation) built on top of a transaction makes reversing it less likely.
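The att­acker's odds can be put into numbers. The function below is an added example, not the article's own material: it is the calculation from section 11 of the bitcoin whitepaper, in which an attacker holding fraction q of the hash rate catches up from a deficit of d blocks with probability (q/p)^d, and the number of blocks the attacker has mined by the time the honest chain is z blocks ahead is modelled as a Poisson variable. The confirmations_for helper and the risk threshold are the example's own additions.

```python
from math import exp


def attacker_success_probability(q, z):
    """Probability that an attacker controlling fraction q of the hash rate ever
    overtakes the honest chain once it is z blocks ahead (bitcoin whitepaper, section 11).
    From a deficit of d blocks the attacker catches up with probability (q/p)**d; the
    number of blocks the attacker mined while the honest side found z is Poisson-distributed."""
    p = 1.0 - q
    if q >= p:
        return 1.0                      # majority hash rate: catching up is certain
    lam = z * q / p
    poisson = exp(-lam)                 # Poisson probability of k = 0
    never_catches_up = 0.0
    for k in range(z + 1):
        if k:
            poisson *= lam / k          # step to the k-th Poisson term
        never_catches_up += poisson * (1.0 - (q / p) ** (z - k))
    return 1.0 - never_catches_up


def confirmations_for(q, max_risk=0.001, limit=10_000):
    """Smallest number of confirmations at which the attacker's chance falls below max_risk."""
    for z in range(limit):
        if attacker_success_probability(q, z) < max_risk:
            return z
    return None


if __name__ == "__main__":
    for q in (0.1, 0.3, 0.45):
        print(f"q={q}: z=1 -> {attacker_success_probability(q, 1):.7f}, "
              f"z=6 -> {attacker_success_probability(q, 6):.7f}, "
              f"confirmations for <0.1% risk: {confirmations_for(q)}")
```

The numbers explain the common "six confirmations" rule of thumb: against an attacker with 10% of the hash rate, six blocks bring the risk down to about 0.02%, but against 30% the same protection needs 24 blocks, and above 50% no number of confirmations helps.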

And this brings us, slowly, to bitcoin's enormous energy consumption. Bitcoin miners currently have enough collective power to compute more than 12 × 10^18 SHA-256 hashes per second. An attacker would need comparable computing power, which would cost hundreds of millions, if not billions, of dollars.

Miners have accumulated so much computing power because mining is a lucrative business. Again, a miner collects 12.5 bitcoins, more than $200,000, per block.

As the bitcoin price rises, so do industry profits, and mining companies spend more on hardware and electricity. In the short term this makes blocks arrive faster.

But the bitcoin network is programmed to adjust the mining difficulty automatically (once every 2016 blocks, roughly every two weeks) to maintain a steady rate of six blocks per hour. If the network has been producing blocks too quickly, the maximum allowed block hash (the target) is lowered so that blocks become harder to find; if block production has slowed, the opposite happens. As a result the network produces one block every 10 minutes on average, regardless of how much computing power it has.
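The nonce search from the mining section and the difficulty adjustment just described, as one added example (not the article's or Bitcoin Core's code). The target arithmetic follows bitcoin's definitions: the difficulty-1 target encoded in the genesis block's nBits, a retarget every 2016 blocks with the time ratio clamped to a factor of four, and the expected number of attempts as 2^256 divided by the target. The stand-in header bytes, the easy demo target and the 1.7 × 10^12 difficulty figure (the value implied by the text's 7 × 10^21 hashes per block) are the example's own constructions.

```python
import hashlib
import struct

# The easiest allowed target ("difficulty 1"), from the genesis block's nBits 0x1d00ffff
MAX_TARGET = 0x00000000FFFF0000000000000000000000000000000000000000000000000000
RETARGET_BLOCKS = 2016
BLOCK_INTERVAL = 600          # seconds; 2016 blocks * 10 minutes = two weeks


def sha256d(data):
    """Bitcoin hashes block headers with SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_from_difficulty(difficulty):
    return MAX_TARGET // int(difficulty)


def leading_zero_bits(target):
    """How many zero bits a hash must start with to be at or below target."""
    return 256 - target.bit_length()


def expected_hashes(target):
    """Average number of attempts before one hash lands at or below target."""
    return 2**256 // (target + 1)


def mine(header_prefix, target, max_nonce=2**32):
    """Try nonces until sha256d(prefix || nonce) <= target. Returns (nonce, hash) or None
    when the 32-bit nonce space is exhausted (real miners then change the header and retry)."""
    for nonce in range(max_nonce):
        h = sha256d(header_prefix + struct.pack("<I", nonce))
        if int.from_bytes(h, "big") <= target:
            return nonce, h
    return None


def check_block(header_prefix, nonce, target):
    """What every other node does on receiving a block: one hash, no search."""
    return int.from_bytes(sha256d(header_prefix + struct.pack("<I", nonce)), "big") <= target


def retarget(old_target, actual_seconds):
    """Adjustment after 2016 blocks: scale the target by actual/expected time, with the ratio
    clamped to [1/4, 4] so a single period cannot swing difficulty arbitrarily far."""
    expected = RETARGET_BLOCKS * BLOCK_INTERVAL
    adjusted = max(expected // 4, min(expected * 4, actual_seconds))
    return min(old_target * adjusted // expected, MAX_TARGET)


def demo():
    easy = 1 << 240        # hash must start with 16 zero bits: about 65,000 tries, fine in pure Python
    prefix = b"version|prev_hash|merkle_root|time|bits:"   # constructed stand-in for the first 76 header bytes
    nonce, _ = mine(prefix, easy)
    mid = MAX_TARGET // 1000                               # a target for a moderately busy network
    dec2017 = target_from_difficulty(1.7e12)               # difficulty implied by the text's figures
    return {
        "nonce": nonce,
        "hash_ok": check_block(prefix, nonce, easy),
        "zero_bits_dec2017": leading_zero_bits(dec2017),
        "hashes_per_block_dec2017": expected_hashes(dec2017),
        "blocks_too_fast": retarget(mid, 7 * 24 * 3600) == mid // 2,   # 2016 blocks in one week: target halves
        "clamped": retarget(mid, 365 * 24 * 3600) == mid * 4,         # far too slow: at most four times easier
    }


if __name__ == "__main__":
    for key, val in demo().items():
        print(key, val)
```

Note the asymmetry that makes the scheme work: finding a block costs the miner tens of thousands of hashes even at the toy target, while checking it costs everyone else exactly one.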

The 12.5-bitcoin reward is programmed to decline over time. When bitcoin launched in 2009, each block created 50 bitcoins. In 2012 the reward fell to 25 bitcoins and in 2016 to 12.5. It will keep halving roughly every four years: to 6.25 in 2020, 3.125 in 2024, and so on.

Within a few decades the reward will shrink to a negligible level, and at that point mining will be supported solely by transaction fees. Any transaction can include a fee, a payment that goes to the miner who includes the transaction in a block. When more transactions are waiting than fit in a block, miners generally include the ones with the highest fees first, which keeps fees up.

Early bitcoin proponents liked to advertise that bitcoin transactions were free or nearly free. But as the network has become more congested, the cost of transacting has risen. By early December the average bitcoin transaction fee had soared to about $20, because too many transactions were competing for too little block space.

The scaling debate has torn the community apart

The network became congested because a hard-coded value in bitcoin's code limits the block size to 1 megabyte. This limit, introduced in 2010, was meant to prevent abuse of the then-small network, but it has become one of the most controversial decisions in the bitcoin world.

An ordinary bitcoin transaction is about 500 bytes, so blocks fill up at roughly 2,000 transactions. With a new block every 10 minutes, that works out to about 3.33 transactions per second. Obviously, a global payment network needs to process payments far faster than that.

The bitcoin world is split into two warring camps with different solutions to this problem. One side argues that the fix is simple: raise the block size limit. They proposed increasing it immediately to 2, 4 or 8 megabytes, with further increases as needed in the future.

The other camp worries that a high block size limit will make it too expensive for ordinary users to run a full node in the peer-to-peer network. Full bitcoin nodes have to download every bitcoin transaction ever made and keep the data indefinitely, so raising the block size limit raises a node's storage requirements. If running a full node becomes too expensive, small operators will shut theirs down and the bitcoin network will end up in the hands of a few companies and other large organizations.

Proponents of large blocks call this nonsense. The blockchain currently weighs about 145 GB and grows by about 4 gigabytes a month; doubling the block size would mean about 8 gigabytes of new data a month. Given that Amazon Web Services charges roughly 2 cents per gigabyte per month for storage, they argue, a reasonable block size increase would not be a hardship for anyone.

But small-block supporters say such arguments are short-sighted. They point out that doubling the block size will not meet demand in the long run. If bitcoin relies on larger blocks to scale, it will soon need 10-megabyte blocks, then 100-megabyte blocks, and eventually perhaps 1-gigabyte blocks. At some point ordinary people will no longer be able to run full nodes. So a way must be found to scale the network while keeping blocks small.

The first step they point to is Segregated Witness (SegWit), which activated in August 2017. This upgrade moves the cryptographic signatures ("witness data") out of the part of a transaction that counts toward the 1 MB limit. Once a node has verified that the signatures are valid, it can discard them, reducing the amount of data that must be stored permanently. Once wallets and services use it fully, it should roughly double the network's throughput without increasing the load on bitcoin nodes.

In the longer term, small-block supporters are pinning their hopes on Lightning, a payment network designed to run on top of bitcoin. A draft Lightning specification was published in early December, and three companies are building independent implementations of it.

A full explanation of the Lightning Network will not fit in this article (it deserves one of its own). In short, it uses payment channels, which let two parties carry out many small payments between themselves without sending a separate transaction to the blockchain for each one. The goal of the Lightning Network is to stitch a patchwork of payment channels into a global network over which payments can be routed.

If the network works the way its supporters claim, it would solve bitcoin's long-term scaling problem. But large-block supporters doubt that it will, and they argue that the block size still has to increase to keep up with growing demand.

Two futures for bitcoin

The block size debate has become so bitter that it is easy to lose sight of the big picture. But ultimately two different visions of bitcoin's future are at stake.

In the large-block vision, blocks eventually grow to gigabyte size and smaller players drop out because they cannot maintain full nodes. The network would be run by a few dozen mining companies, exchanges and other large bitcoin businesses, rather than the roughly 10,000 full nodes there are today. From a casual user's point of view this future bitcoin would look much like a conventional payment network, and people could make as many transactions as they liked for low fees. But such a concentrated network could give the companies running full nodes disproportionate power, and would ultimately make the network more susceptible to government regulation.

The small-block camp, by contrast, envisions a new layered architecture in which on-chain transactions are expensive and rare. The blockchain would become the settlement layer for Lightning, with each payment channel that carries many Lightning payments appearing as a single transaction on the blockchain. With blocks kept small (although even small-block supporters concede the size will have to grow somewhat), the base bitcoin network would stay decentralized, with thousands of nodes run by individuals.

The block size debate has become so bitter because each camp sees the other as undermining bitcoin's development. Large-block supporters believe small-blockers are sabotaging the network's growth in pursuit of an ideological agenda. Small-blockers argue that large blocks would undermine the decentralization that drew many people to the cryptocurrency in the first place.

The rise of bitcoin forks

The debate matters because bitcoin is a network that runs on consensus. The system works because every node follows the same general rules for deciding which blocks are valid and which are not.

If nodes disagree about which rules to follow, the result is a fork, a split of the blockchain into two branches. A node creates a block, say one larger than 1 megabyte, that other nodes consider invalid. The network divides in two. Nodes that consider the new block legitimate treat its chain as the longest and build on it; nodes that consider it illegitimate ignore it and build on its predecessor. From then on there are two incompatible chains running in parallel (a hard fork).

To avoid this, everyone in the network, or nearly everyone, needs to agree on new rules before they take effect. This need for broad consensus is one reason the bitcoin community spent so long debating the block size. From 2015 on, most people believed some change was necessary, but nobody could work out a set of changes that everyone would accept.

In August 2017 a dissident faction of large-blockers decided to take matters into their own hands. They deliberately split the blockchain without waiting for consensus. The result was a new cryptocurrency, Bitcoin Cash.

There are of course many bitcoin-like cryptocurrencies, but this one is special: because it was a fork of an existing blockchain, anyone who held ordinary bitcoins before the split also held Bitcoin Cash after it. The combined value of the two cryptocurrencies actually exceeded the value of bitcoin before the fork, in effect creating billions of dollars of new wealth.

In November a proposal to double the block size on the main bitcoin network to 2 megabytes was abandoned. In response, some large-blockers shifted their efforts to Bitcoin Cash.

Why bitcoin could change the world

Bitcoin's fundamental innovation is that it was the first fully decentralized electronic payment system. This is often framed in political terms, casting the bitcoin network as a rival to the Federal Reserve and the big banks.

But bitcoin's decentralization had another consequence, subtler but no less important: bitcoin transfers are irreversible. If you buy something with an ordinary credit card and the seller never delivers, you can ask the card network to reverse the charge. With bitcoin that does not work. There is simply nobody to call.

People like to compare bitcoin to the Internet. Unlike traditional telecommunications networks, the Internet does not guarantee reliable delivery: if a route is congested, routers simply drop the packets they cannot deliver. It is up to the sender to notice that a packet never arrived and send another copy.

This approach drove old-school telecommunications engineers crazy, but it was an important innovation. It allowed Internet routers to be simpler and made it easier to connect different kinds of networks. And ultimately it worked, because the computers at the ends of the network are perfectly good at making sure their messages get delivered.

Bitcoin makes a similar shift: the network itself offers end users no protection against fraud. Instead, the responsibility falls on the developers of bitcoin applications, who have to work out how to protect their users from fraud.

That is part of what makes bitcoin a risky asset. In 2011 someone reported that 25,000 bitcoins, worth about $500,000 at the time and more than $400 million today, had been stolen by a hacker. Stories like that have repeated again and again.

But for all its drawbacks, bitcoin's irreversibility has important potential: it makes bitcoin (like the Internet) a uniquely open and programmable financial platform. Software that interacts with a conventional payment network such as Visa or MasterCard has to take into account their complex security models and the risk that a payment will later be reversed by the network.

Building new kinds of financial services on a traditional platform requires the approval of the network's owner, and those companies are reluctant to take risks, because a poorly designed application could become a tool for fraud. That makes it hard for start-ups to create new financial services on top of conventional payment networks.

The validity of a bitcoin transaction, by contrast, can be verified entirely in software. There is no need to worry that it will be reversed later, and no paperwork or dispute process is required.

A few years ago, the expectation was that custom financial applications would be built on bitcoin the way Google and Facebook were built on TCP/IP. Such applications could offer higher-level services: biometric authentication, escrow for pending orders, guarantees, consumer protection against fraud, and the other anti-fraud measures that conventional financial networks provide.

That has not happened yet. Nine years after bitcoin's creation, its use is still confined to a small community of bitcoin and cryptocurrency enthusiasts.

Perhaps we just need to be patient. It took about 25 years for the Internet to evolve from an experimental networking technology into something useful to ordinary people. The bitcoin ecosystem is full of new things, and some of those innovations may have unexpected consequences in the years to come.

Bitcoin has become the reserve currency of the crypto world

One consequence bitcoin has already had is that it inspired and supported a Cambrian explosion of new blockchain-based technologies. There are now hundreds of cryptocurrencies inspired by bitcoin, and people use these more exotic coins for the particular advantages they promise. Bitcoin plays the same role in the blockchain economy that the dollar plays in international trade. When two small countries trade with each other, they often settle in dollars, because the global financial system makes that convenient. That in turn props up the value of the dollar and makes it easier for Americans to trade with the rest of the world. In the same way, bitcoin has become the convenient medium of exchange for trades between cryptocurrencies and between cryptocurrencies and conventional currencies. And this is only the beginning.

Ilya Hel
