Bitcoin’s blockchain technology is relatively immature but will likely revolutionize how we exchange information.
When it was introduced in 2009, it was loathed by banks and cherished by cyber libertarians everywhere. Now, Bitcoin has taken the Internet and popular imagination by storm. As a cryptocurrency, Bitcoin is a method for conducting e-commerce between peers in a network, though it has been adapted to other applications such as maintaining land grant records. Bitcoin, although still immature, has introduced an innovative technology that will surely revolutionize how we carry out transactions, monetary or otherwise.
In the broadest sense, Bitcoin is a distributed public ledger that facilitates transactions between users in a peer-to-peer network. The users, or nodes, in the network can trade with each other without interference or oversight from a central authority, like a government or bank. Bitcoins have no intrinsic value, and their value is not determined by any government. Rather, the value of a bitcoin is derived from the value people assign it.[i] Unlike the US dollar or the euro, bitcoins are rare; in fact, only 21 million will ever be produced. Artificial scarcity and high demand have thus driven up exchange rates with real currency. Indeed, at the time of writing, the value of one bitcoin has skyrocketed to approximately $1,055.
Value aside, the unique distributed nature of Bitcoin raises a peculiar question: Who decides which transactions on the network are valid? Any real-world transaction is rooted in trust. For example, if Alice orders a product from Bob’s website, she trusts that he will deliver the product in exchange for an agreed price. That implied trust, which itself is supported by governments and banks, is also present in the Bitcoin network, though in a novel way. Trust in the Bitcoin network is built by consensus among the nodes. Each node must agree which ledger is the correct ledger, and each node retains a copy of that ledger for future transactions. Why does it work? Let’s dive into the technology underlying Bitcoin: The blockchain.
Bitcoin is a protocol that is itself built on top of blockchain technology. In Bitcoin, there are actually two chains, one of which is hidden within the other. Suppose Alice needs to send 0.5 bitcoins (BTC) to Bob. How does she get her transaction onto the public ledger (i.e., the blockchain)? Alice starts by broadcasting her transaction to the entire Bitcoin network. If her transaction is validated, then each node’s ledger will be updated to include the transaction. But how do nodes know that a transaction is “valid”?
Like with a physical check, Alice must sign her transactions. Rather than using an easily forgeable physical signature, Alice uses a cryptographic algorithm like ECDSA. The details of ECDSA aren’t important for us, but it’s important to observe that it’s practically impossible to forge or otherwise break these digital signatures because they’re based on strong public-key cryptography. Alice’s signature is derived from her public-private key pair, which itself can be generated by any number of Bitcoin Wallet applications.
Alice’s private key is kept secret and is used to derive her public key, which is used as the address where other nodes send bitcoins to her.[ii] Alice signs a transaction by encrypting it with her private key, and other nodes can verify her signature against her transaction by decrypting her signature with her public key (i.e., her Bitcoin address). Because the signature is dependent on the transaction’s contents, it will be different for each transaction. This dependency also means a transaction cannot be altered within the network because the signature will be invalidated, thereby voiding the transaction. If Alice can sign her transactions like she signs her physical checks, then how does she track her account balance?
The Bitcoin protocol differs radically from traditional banking in how it tracks account balances. In fact, the Bitcoin ledger doesn’t track balances at all. Instead, ownership of funds (i.e., the available “balance”) is tracked through a transaction chain. The ownership of bitcoins is transferred through this chain, and the validity of each transaction is dependent on the validity of the previous transactions in the chain. In a sense, Alice’s “balance” is the number of bitcoins determined by a list of unspent transactions she has available to transfer to other users (or herself). But what exactly is a “transaction” in this system?
A transaction is just a data structure that contains three data fields, one of which is the transaction’s unique identifier (a seemingly random hash value). The other two fields are a set of inputs and a set of outputs. The former specifies the number of bitcoins to be spent and their history, and the latter specifies to whom (i.e., Bitcoin addresses) to send what amounts of bitcoins. Once an input transaction has been used in another transaction, it cannot be used again—that transaction has been “spent.” Once Alice’s transaction to Bob goes through, she can no longer spend those bitcoins because they belong to Bob now. This leads to an important observation: Once bitcoins have been transferred, they cannot be reclaimed. Also, due to the nature of the transaction chain, if Alice loses her private key, then she will forever lose whatever bitcoins were held by her Bitcoin address.[iii] Without her private key, Alice can neither sign nor verify transactions. Worse, any bitcoins that are lost will be irrecoverable for the larger bitcoin economy. This leads to yet another important observation: As bitcoin loss occurs over time, the currency will necessarily become deflationary.
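The transaction chain described above can be sketched as a ledger of unspent outputs. This is an added example, not code from Bitcoin or from the original article; the `Ledger` class, the names "alice" and "bob", and the `signer` argument (which stands in for signature verification) are assumptions made for illustration.

```python
import hashlib
import json

def txid(inputs, outputs):
    """Transaction identifier: double SHA-256 over the inputs and outputs."""
    body = json.dumps([inputs, outputs]).encode()
    return hashlib.sha256(hashlib.sha256(body).digest()).hexdigest()

class Ledger:
    def __init__(self):
        self.unspent = {}  # (txid, output index) -> (address, satoshis)

    def fund(self, address, amount):
        """Constructed starting output, standing in for a mining reward."""
        tid = txid([], [[address, amount]])
        self.unspent[(tid, 0)] = (address, amount)
        return tid

    def apply(self, signer, inputs, outputs):
        """inputs: [[txid, index], ...]; outputs: [[address, satoshis], ...]."""
        refs = [tuple(i) for i in inputs]
        if len(set(refs)) != len(refs) or any(r not in self.unspent for r in refs):
            raise ValueError("input missing or already spent")
        # Assumption: `signer` stands in for a verified signature over the transaction.
        if any(self.unspent[r][0] != signer for r in refs):
            raise ValueError("input not owned by signer")
        spent = sum(self.unspent[r][1] for r in refs)
        if any(a <= 0 for _, a in outputs) or sum(a for _, a in outputs) > spent:
            raise ValueError("invalid output amounts")
        tid = txid(inputs, outputs)
        for r in refs:
            del self.unspent[r]          # inputs are now spent
        for n, (addr, amount) in enumerate(outputs):
            self.unspent[(tid, n)] = (addr, amount)
        return tid

    def balance(self, address):
        """A 'balance' is just the sum of unspent outputs held by an address."""
        return sum(a for addr, a in self.unspent.values() if addr == address)

def demo():
    ledger = Ledger()
    funding = ledger.fund("alice", 100_000_000)          # 1 BTC in satoshis
    pay = [["bob", 50_000_000], ["alice", 50_000_000]]   # 0.5 BTC + change
    ledger.apply("alice", [[funding, 0]], pay)
    try:
        ledger.apply("alice", [[funding, 0]], [["alice", 100_000_000]])
    except ValueError as err:
        return ledger.balance("alice"), ledger.balance("bob"), str(err)
```

Calling `demo()` shows the second attempt to spend the same input being rejected by a node that has already recorded the first.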
Okay, so we’ve established that bitcoins can be transferred via a transaction chain. But we still haven’t determined who validates transactions and how everyone in the network knows transactions are legitimate. There’s a more pressing issue lurking beneath the surface. Suppose Alice sends two transactions for the same amount at different times. As those transactions traverse the Bitcoin network, there’s no guarantee that they’ll arrive in the correct chronological order, and this could lead to fraudulent double-spending. Instead of bouncing a physical check, Alice could defraud another user whilst retaining possession of her bitcoins. This is where the blockchain comes into play.
The blockchain is an elegant solution to the transaction-order problem. The blockchain is the public ledger part of Bitcoin. In the broadest sense, the blockchain is a list of linked data structures called “blocks.” Each block contains a reference to the previous block, effectively linking each block in chronological order. Each block is identified by its SHA-256 hash value, and we can traverse the blockchain all the way back to the “genesis” block. It may sound odd, but the blockchain is a powerful type of ledger. Let’s see how it works.
Unconfirmed transactions, like Alice’s transfer of 0.5 BTC to Bob, are placed into a pool on the Bitcoin network. Then, a special “miner” node on the network selects one or more transactions from the pool. Suppose Mike is a miner. It’s his job to validate the transactions he selects from the pool. If Mike doesn’t validate Alice’s transaction, then Bob won’t get his bitcoins. Mike validates transactions by collecting them into a block. His goal is to solve a computationally difficult “proof-of-work” problem so he can add his block to the blockchain. Once he does this, then the transactions within the block are deemed valid and become part of the ledger. Alice’s bitcoins are transferred to Bob, and Mike is rewarded with newly mined bitcoins or an optional transaction fee.[iv] So how does Mike do it?
For Mike to add a block to the blockchain, he must prove his work. That is, he must solve a computationally difficult puzzle. Mike’s block contains at least three data items: A reference to the previous block in the blockchain, a list of unconfirmed transactions, and a nonce. That nonce is the critical component, for it determines whether Mike can add his block to the blockchain. All three data items are double-hashed using SHA-256, but since Mike can’t alter the transactions or the previous block reference, he must alter the nonce. Now, the hash of Mike’s block must meet a certain target, whose difficulty is determined by the Bitcoin network.[v] It turns out that it’s computationally difficult to solve for a correct nonce; indeed, it can take trillions of tries. Once Mike does find a correct nonce, he can broadcast his mined block to the network. Each node on the network is notified of the new block and updates its version of the blockchain after verifying Mike’s solution.[vi] Part of the beauty of the blockchain is that it’s computationally difficult to mine blocks, but it’s very easy to verify the results. The simplicity of the system is also deceptive, as it’s very difficult to attack.
Suppose that Alice wants to commit fraud on the blockchain. She has at least two options to attack the integrity of the ledger. She can try to double-spend by adding blocks onto the blockchain before other miners. This would be difficult for her to achieve on her own since she would be competing against the entire Bitcoin network. Moreover, she would need at least 51 percent of the power of the network to be even remotely likely to beat the other miners. From a technical standpoint, she also would need to precompute blocks for the blockchain, but she can’t do this because each block depends on the previous block. That is, it would be very difficult for Alice to precompute, say, five blocks without knowing their predecessors ahead of time.
If Alice can’t easily fraudulently extend the blockchain, then she could try altering extant blocks in the chain. For example, she could alter the transactions in Mike’s block so that her transaction to Bob gets rerouted back to her. This attack cannot work, however; this is exactly the scenario for which the blockchain was designed. Because the blocks in the blockchain are linked by their hash values, any modification to one block would necessarily invalidate all the successive blocks. That is, to modify a block’s contents is to modify its hash value, and this modified hash value will conflict with the hash value stored in successive blocks in the chain. As a general principle, therefore, the further a block gets into the blockchain, the more secure it becomes, due to the sheer difficulty of altering it while retaining the chain’s validity and integrity. In short, Alice should avoid tampering with the blockchain; she’ll likely never overcome the network’s consensus.
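The proof-of-work search and the hash linking described above, as an added example that is not part of the original article and not Bitcoin's real block format. The header layout, the toy `TARGET`, and the transaction strings are assumptions chosen so the script finishes in well under a second.

```python
import hashlib

TARGET = 1 << 244   # toy difficulty: about 4,096 tries per block on average
GENESIS_PREV = "0" * 64

def block_hash(prev_hash, transactions, nonce):
    """Double SHA-256 over previous-block reference, transactions and nonce."""
    header = f"{prev_hash}|{'|'.join(transactions)}|{nonce}".encode()
    return hashlib.sha256(hashlib.sha256(header).digest()).hexdigest()

def mine(prev_hash, transactions):
    """Only the nonce may vary; search until the hash falls below the target."""
    nonce = 0
    while int(block_hash(prev_hash, transactions, nonce), 16) >= TARGET:
        nonce += 1
    return {"prev": prev_hash, "txs": list(transactions), "nonce": nonce}

def first_invalid(chain):
    """Cheap verification: index of the first bad block, or None if all pass."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        h = block_hash(block["prev"], block["txs"], block["nonce"])
        if block["prev"] != prev or int(h, 16) >= TARGET:
            return i
        prev = h
    return None

def demo():
    chain, prev = [], GENESIS_PREV
    # Constructed transactions for illustration.
    for txs in (["reward->mike"], ["alice->bob:0.5"], ["bob->carol:0.2"]):
        block = mine(prev, txs)
        chain.append(block)
        prev = block_hash(block["prev"], block["txs"], block["nonce"])
    honest = first_invalid(chain)
    # Block 1 is rewritten and its proof of work redone, yet block 2 still
    # stores the old hash of block 1, so verification fails at block 2.
    forged = list(chain)
    forged[1] = mine(chain[1]["prev"], ["alice->alice:0.5"])
    return honest, first_invalid(forged)

if __name__ == "__main__":
    print(demo())
```

Every block after the altered one would also have to be re-mined before any node accepted the rewritten chain, which is why deeper blocks are harder to change.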
Bitcoin and the blockchain are still relatively nascent technologies. The concept of a distributed public ledger is a powerful one not necessarily constrained to financial transactions. Indeed, the true promise of the blockchain lies in its ability to distribute the process to verify the integrity of transactions. In just eight years, Bitcoin revolutionized electronic payment systems and spawned myriad imitators. In the future, though, true innovation will come from novel applications of blockchain technology to non-financial industries.