The BSV Academy’s free introduction to Bitcoin Theory course covers the design of Bitcoin as a system as prescribed by Satoshi Nakamoto. This course is open to anyone who is interested in Bitcoin and is the beginner course in this series. Some technical experience would be helpful to complete the course, however it is open to anyone regardless of experience.
The course goes through the Bitcoin white paper section by section elaborating on the concepts contained within each.
To make it as effortless as possible for you to have access to this educational material, we are publishing the entire course over here on our blog. Stay tuned for a section by section release, and remember that you are still welcome to enrol in the BSV Academy to gain a certificate of completion to add to your resume!
Bitcoin white paper - Abstract
A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending. We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work. The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they'll generate the longest chain and outpace attackers. The network itself requires minimal structure. Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone.
‘Peer-to-peer cash’
A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution.
- Satoshi Nakamoto, Bitcoin Whitepaper
In the legacy banking model, two parties who wish to transact must both employ the services of a trusted third party (e.g. a bank). In Bitcoin, money is exchanged peer-to-peer using the Bitcoin protocol, with no such intermediary standing between the parties.
A transaction can involve an effectively unlimited number of peers. The protocol sets no arbitrary cap on its size; the practical limit is the economics of constructing and verifying each transaction.
Wallets allow users to create transactions that sign ownership records of digital coins and assign them to new owners. The records of these exchanges make up the history of Bitcoin transactions, sometimes referred to as a ledger.
Transactions are recorded on a public ledger visible to all parties without the need for a financial institution’s involvement. This does not mean that banks will not use Bitcoin or be a part of the Bitcoin ecosystem. In fact, banks that use Bitcoin gain its low-cost transaction verification as a competitive advantage in financial markets.
Digital signatures and Trusted Third Parties
Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending.
- Satoshi Nakamoto, Bitcoin Whitepaper
Digital signatures are the means by which the owner of a coin on the ledger establishes their intent to use that coin in a transaction. A digital signature is produced by hashing the message and signing that hash with the signer’s private key; anyone holding the corresponding public key can then check the signature against the same hash. Because changing any part of the message changes its hash, a signature will not verify over a message that has been altered after signing.
We use handwritten signatures on handwritten or typed messages to tie an identity to a message. Similarly, a digital signature binds the holder of a private key to a specific piece of digital data, and that binding can be independently verified by the receiver. One of Bitcoin’s core innovations is that digital signatures can be validated without a third party who knows the identities of the transacting parties.
When a user builds a transaction, a highly flexible scripting language is used to define the conditions under which each coin can be spent. Incorporating signatures into these conditions using the Elliptic Curve Digital Signature Algorithm (ECDSA), the signature scheme used in Bitcoin, gives the user or users a way to prove that they control a private key. The locking script, a script-based puzzle that the receiver specifies when the coin is paid to them, references the corresponding public key (directly or via its hash). To spend the coin, the user must supply an unlocking script containing the necessary proofs, typically a signature, that satisfies the locking script. It is up to the peers participating in the transaction to determine its content, create the signatures and submit it to the network for validation.
While the transaction processors who log the transaction have no stake in the value of the Bitcoin being exchanged, they are paid a transaction fee for the service of validating and recording the transaction. Because they are not a party to the transaction, they become a simple third party, to whom no trust needs to be given. Transaction processors are not required to record all transactions onto the ledger, but can choose to do so if the users attach a sufficient fee for them to consider it worthwhile and so long as the transaction is actually valid.
Peer-to-peer network
We propose a solution to the double-spending problem using a peer-to-peer network.
- Satoshi Nakamoto, Bitcoin Whitepaper
Double spending is the act of signing a coin to create a transaction, submitting that transaction to the network, and then using the same coin to create a different transaction that pays a different recipient, effectively spending the same coin twice.
This problem is solved in Bitcoin through the creation of a peer-to-peer network of nodes whose role it is to gather, validate and timestamp all of the transactions that take place. It is through this network that the double spending problem is addressed by accepting only the first-seen of such a pair of transactions.
The Bitcoin network is a global piece of infrastructure built by enterprises that compete for the right to extend the ledger by adding new transactions. Each transaction can only be processed once, and the inputs it spends are consumed, so any later transaction that spends the same inputs is invalid. Once a transaction has been submitted to the network, it is broadcast to all nodes within a few seconds, making it almost impossible to perform a double spend without the assistance of a fraudulent node.
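The first-seen rule and the consumption of inputs described here (and again under ‘Messaging between nodes’ below) can be stated precisely in code. The following Python is an added example, not from the course or from any node implementation: the Tx and Node classes, the result strings, and the Alice/Bob/Carol scenario are constructed for illustration, and it deliberately ignores everything else a real node checks (signatures, scripts, fees).

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

Outpoint = Tuple[str, int]                 # (txid, output index) identifies one coin


@dataclass
class Tx:
    txid: str
    inputs: List[Outpoint]                 # coins being spent
    outputs: List[Tuple[str, int]]         # (recipient, amount) coins being created


@dataclass
class Node:
    """Toy node state: the confirmed unspent-output set plus a first-seen mempool."""
    utxo: Dict[Outpoint, Tuple[str, int]]
    mempool: Dict[str, Tx] = field(default_factory=dict)
    claimed: Dict[Outpoint, str] = field(default_factory=dict)   # outpoint -> txid first seen spending it

    def accept(self, tx: Tx) -> str:
        """Apply the first-seen rule to a newly received transaction."""
        if tx.txid in self.mempool:
            return "duplicate"
        for op in tx.inputs:
            if op not in self.utxo:
                return "invalid"                        # coin does not exist or was already consumed
            if op in self.claimed:
                return "double-spend"                   # an earlier-seen transaction already spends it
        if sum(a for _, a in tx.outputs) > sum(self.utxo[op][1] for op in tx.inputs):
            return "invalid"                            # cannot create more value than is spent
        self.mempool[tx.txid] = tx
        for op in tx.inputs:
            self.claimed[op] = tx.txid
        return "accepted"

    def evict(self, txid: str) -> None:
        """Drop a mempool transaction and release the inputs it had claimed."""
        tx = self.mempool.pop(txid)
        for op in tx.inputs:
            if self.claimed.get(op) == txid:
                del self.claimed[op]

    def confirm_block(self, txs: List[Tx]) -> None:
        """Apply a valid block: consume its inputs, create its outputs, and evict any
        mempool transaction that conflicts with what the block actually confirmed."""
        for tx in txs:
            for op in tx.inputs:
                if op not in self.utxo:
                    raise ValueError(f"block spends unknown or spent coin {op}")
                del self.utxo[op]                       # inputs are consumed exactly once
                loser = self.claimed.pop(op, None)
                if loser is not None and loser != tx.txid:
                    self.evict(loser)                   # the network settled on the other spend
            for index, (recipient, amount) in enumerate(tx.outputs):
                self.utxo[(tx.txid, index)] = (recipient, amount)
            self.mempool.pop(tx.txid, None)


def demo():
    """Constructed scenario: Alice tries to pay the same coin to Bob and then to Carol."""
    coin = ("coinbase-1", 0)
    node = Node(utxo={coin: ("alice", 50)})
    to_bob = Tx("tx-a", [coin], [("bob", 50)])
    to_carol = Tx("tx-b", [coin], [("carol", 50)])
    first = node.accept(to_bob)                         # "accepted"
    second = node.accept(to_carol)                      # "double-spend": same input, seen later
    node.confirm_block([to_bob])
    third = node.accept(to_carol)                       # "invalid": the coin no longer exists
    return first, second, third
```

The confirm_block path is the part practitioners care about: when a block arrives that confirms the spend this node did not see first, the node must drop its own first-seen candidate, which is exactly the window a double-spend attempt with a cooperating node tries to exploit.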
Timechain and proof-of-work
The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work.
- Satoshi Nakamoto, Bitcoin Whitepaper
The term ‘timechain’ can be used to describe the nature of the Bitcoin blockchain as a chain of timestamped events. As transactions are received into the network, nodes capture and collate them into logs. These logs, or ‘blocks’, consist of a timestamped header over an ordered list of transactions; a block accepted by the network represents consensus agreement that the transactions it contains existed at that time and were valid.
Proof-of-work is the term for the rule that decides who gets to append the next block of transactions to the Bitcoin blockchain. Put simply, to gain the right to add the next block, a node must present proof that it has solved a computational challenge that is hard to solve yet easy for the rest of the network to verify. The solution is proof that the node has done the work.
Think of this like a jigsaw puzzle: it is hard to solve and you will make many attempts to fit the pieces, but once the puzzle is complete it is very easy for anyone to check.
As new transactions are received, nodes add them to a block template containing all the transactions they have accepted that have not yet been included in a valid block, and perform hash-based work on a difficulty puzzle that must be solved for the block to be valid. The solution is proof that the node proposing the block performed the work necessary to make it valid.
Hashing means taking an input of any length and transforming it so that it produces a deterministic but unpredictable output of a fixed length: the same input always yields the same hash, yet the output cannot be predicted without computing it. In Bitcoin, transactions and block headers are hashed with SHA-256, applied twice, which gives a fixed-length output of 256 bits.
In this way, anything from a short message to a large file can be hashed and the hash distributed to several parties. At any time, those parties can verify a copy of the data by hashing it and checking that it matches the hash they received earlier. Finding any other input that produces the same hash is computationally infeasible, so a matching hash is strong evidence that the data is the original.
In Bitcoin, the nodes compete by generating as many hashes as needed to find one with the right property: the 256-bit value (written as 64 hexadecimal characters) must be numerically below a target set by the current difficulty, which in practice means it begins with a long run of zeros, like this:
000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f
The value above is the hash of Bitcoin’s first (genesis) block. Hashes with this many leading zeros are not easy to find, and finding one represents an expenditure of energy on CPU power. Nodes compete for the right to create the next timestamp, or block, in the chain, and that right is granted by solving this hash puzzle.
When a block template is being hashed, it is the 80-byte block header that is actually hashed. The header contains a version number, a reference (the hash) to the block it builds upon, a Merkle root that commits to all of the transactions in the block, a timestamp, the difficulty target in compact form (the ‘bits’ field) and a field called the nonce, or ‘number used once’. The nonce is changed rapidly so that each attempt hashes a different header during the proof-of-work process.
As the network expands, the puzzle’s difficulty is adjusted so that the average block time stays as close to 10 minutes as possible. When nodes add CPU power to the pool performing proof-of-work, the difficulty rises to compensate. Over time this means that altering a block that already has several subsequent blocks built on top of it becomes practically impossible, because all of the proof-of-work accumulated on top of it would have to be redone.
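As an added example (not part of the course material or of any node software), the following Python puts the pieces of this section together: the 80-byte header layout, the double SHA-256 hash, the compact ‘bits’ target, a brute-force nonce search, and the difficulty retarget rule. The genesis block field values and bits are Bitcoin’s real ones and recompute the hash shown above; the toy block, its Merkle root, its bits value and the function names (header_prefix, meets_target, mine, retarget, mine_toy_block) are constructed for the example.

```python
import hashlib
import struct


def sha256d(data: bytes) -> bytes:
    """Bitcoin hashes block headers (and transactions) with SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def bits_to_target(bits: int) -> int:
    """Decode the 4-byte compact 'bits' field into the 256-bit target a hash must not exceed."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    return mantissa << (8 * (exponent - 3))


def header_prefix(version: int, prev_hash_hex: str, merkle_root_hex: str, timestamp: int, bits: int) -> bytes:
    """The 76 header bytes before the nonce: version, previous block hash, Merkle root
    of the transactions, timestamp and bits. Hashes are given here in display order
    and stored byte-reversed, as the wire format does."""
    return (struct.pack("<I", version)
            + bytes.fromhex(prev_hash_hex)[::-1]
            + bytes.fromhex(merkle_root_hex)[::-1]
            + struct.pack("<II", timestamp, bits))


def block_hash(header: bytes) -> str:
    """Display-order hex of the header's double SHA-256 (the familiar leading-zeros form)."""
    return sha256d(header)[::-1].hex()


def meets_target(header: bytes, bits: int) -> bool:
    """Proof-of-work check: the hash, read as a 256-bit number, must be at or below the target."""
    return int.from_bytes(sha256d(header), "little") <= bits_to_target(bits)


def mine(prefix: bytes, bits: int, max_tries: int = 1 << 32):
    """Brute-force the nonce until the header hash meets the target; None if the nonce
    space is exhausted (real nodes then change the timestamp or the transaction set)."""
    target = bits_to_target(bits)
    for nonce in range(max_tries):
        header = prefix + struct.pack("<I", nonce)
        if int.from_bytes(sha256d(header), "little") <= target:
            return nonce, block_hash(header)
    return None


def retarget(old_target: int, actual_timespan: int, expected_timespan: int = 2016 * 600) -> int:
    """Difficulty adjustment: every 2016 blocks the target is scaled by how long those
    blocks actually took relative to two weeks at 10 minutes each, with the change
    clamped to a factor of 4 and the target never exceeding the minimum-difficulty target."""
    actual = min(max(actual_timespan, expected_timespan // 4), expected_timespan * 4)
    return min(old_target * actual // expected_timespan, bits_to_target(0x1D00FFFF))


# Real field values of Bitcoin's first (genesis) block header.
GENESIS = dict(version=1, prev_hash_hex="00" * 32,
               merkle_root_hex="4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b",
               timestamp=1231006505, bits=0x1D00FFFF)
GENESIS_NONCE = 2083236893


def genesis_header(nonce: int = GENESIS_NONCE) -> bytes:
    return header_prefix(**GENESIS) + struct.pack("<I", nonce)


def genesis_hash() -> str:
    """Recomputes 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f."""
    return block_hash(genesis_header())


def mine_toy_block(prev_hash_hex: str):
    """Mine a constructed block on top of prev_hash_hex at a toy difficulty (bits
    0x1f00ffff: roughly one hash in 65,536 qualifies, so this finishes in well under
    a second in Python, whereas the real network's target is astronomically smaller)."""
    toy_bits = 0x1F00FFFF
    merkle_root = "ab" * 32                       # constructed; a real block commits to its transactions here
    prefix = header_prefix(1, prev_hash_hex, merkle_root, GENESIS["timestamp"] + 600, toy_bits)
    return mine(prefix, toy_bits)
```

Two things worth noticing when running it: checking the genesis proof-of-work takes two SHA-256 calls, while producing it took roughly four billion attempts on average at its difficulty, and the retarget rule's clamp means no single adjustment can move the target by more than a factor of four in either direction, however much hash power arrives or leaves.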
CPU power
The longest chain of proof-of-work, meaning the chain with the most accumulated work, is the chain of blocks generated by the largest pool of CPU power.
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power.
- Satoshi Nakamoto, Bitcoin Whitepaper
At scale, this means far more than just the capacity of nodes to solve the difficult proof-of-work problem, as a node must be able to keep up with the rest of the network in the tasks of downloading, validating and storing all of the transactions taking place in the world in real time.
The hashing machinery used to solve proof-of-work effectively votes for the most capable node, incentivising node operators to build the fastest, most capable machines in order to attract the most hash power. Hash power can be switched off or on instantaneously, or even moved between nodes, so ensuring it is being used profitably is a top priority for its owners.
In this way, the network stays healthy by incentivising node operators to invest in the best and most capable machinery to run the network.
Cooperation in the network
As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they'll generate the longest chain and outpace attackers.
- Satoshi Nakamoto, Bitcoin Whitepaper
One of the ways it is possible to attack the integrity of the ledger is for a node operator to include in a block a transaction that double spends coins that were previously spent, or to otherwise include a transaction in a block that is invalid per network rules. Honest nodes will recognise this rule violation and refuse to build new blocks that follow this invalid block.
Instead they will build new blocks on top of its valid predecessor and create an honest competing chain. So long as honest nodes collectively control more than half of the hash power, the honest chain will become longer and signal to all network participants to ignore the invalid block. As the attacker’s block is no longer recognised by the rest of the network, the reward for creating the invalid block is not recognised either. The attempt thus becomes a significant cost to the attacking node, discouraging dishonest behaviour by making it very risky.
In this way, nodes use hash power to enforce network rules. A node that publishes blocks violating the rules wastes the energy it invested in generating an otherwise valid proof-of-work, and will lose the pool of hash power that voted for it. Proof-of-work thus incentivises honest behaviour, creating a system in which all nodes compete in a cooperative way to enforce the established network rules.
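The whitepaper quantifies this claim in its ‘Calculations’ section: the probability that an attacker holding a fraction q of the hash power ever catches up with the honest chain from z blocks behind. The following Python is an added example, not course material, that reproduces that formula; the function names attacker_success_probability and confirmations_needed are assumptions of this example, and the values checked against it are the ones the whitepaper itself tabulates.

```python
import math


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker with fraction q of the hash power ever catches
    up from z blocks behind (Nakamoto, Bitcoin whitepaper, section 11).

    The attacker's progress while the honest chain gains z blocks is modelled as
    Poisson with mean z*q/p; from k blocks made up, catching up the remaining
    z-k is a gambler's-ruin problem with probability (q/p)^(z-k)."""
    p = 1.0 - q
    if q >= p:
        return 1.0                      # a majority attacker catches up with certainty
    lam = z * q / p
    poisson = math.exp(-lam)            # P(k = 0); later terms built iteratively to avoid overflow
    total = 0.0
    for k in range(z + 1):
        if k:
            poisson *= lam / k          # P(k) from P(k - 1)
        total += poisson * (1.0 - (q / p) ** (z - k))
    return 1.0 - total


def confirmations_needed(q: float, threshold: float = 0.001, limit: int = 10_000) -> int:
    """Smallest number of confirmations z at which the attacker's success probability
    drops below threshold; raises if no z can do so (attacker at or above one half)."""
    if q >= 0.5:
        raise ValueError("no number of confirmations defends against a majority attacker")
    for z in range(limit + 1):
        if attacker_success_probability(q, z) < threshold:
            return z
    raise ValueError("threshold not reached within limit")
```

For q below one half the probability falls off exponentially in z, which is why waiting for confirmations works; at q of one half or more it is 1 for every z, which is exactly the majority condition the abstract states.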
Network Structure
The network itself requires minimal structure.
- Satoshi Nakamoto, Bitcoin Whitepaper
The network forms naturally through the incentive structure that drives participation in usage of the ledger, and the corporate activity that revolves around processing transactions into blocks.
Winning blocks can be a lucrative business activity for an efficient processor.
There is no central governance, and nodes simply need to adhere to the established rules in order to participate. As transaction fee revenue grows commensurate with network usage, individual node operators will invest in infrastructure that increases their capacity to validate all available transactions and gain access to a larger pool of fee revenue. This is not something that is governed by the network or any central party but rather driven by incentive to maximise profits by becoming more competitive with other nodes on the network.
Messaging between nodes
Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone.
- Satoshi Nakamoto, Bitcoin Whitepaper
Messages broadcast on the network are limited to new transactions and announcements of newly discovered blocks. When a node receives a new transaction, it automatically relays it to all the nodes with which it has a peer connection. By ensuring that the other nodes already hold the transaction, the node reduces the time they need to validate a block that includes it, giving the node’s own block the best chance of being validated quickly once it is found.
Nodes accept the first-seen version of a transaction as the valid version and treat any subsequent transaction that tries to spend the same inputs as an attempted double spend. Similarly, with block announcements, nodes accept the first valid block they receive that builds on the longest proof-of-work chain as the next block in the chain and begin building their next block upon it. Occasionally, two blocks are discovered at almost the same time; one of them is eventually left out of the longest chain of proof-of-work and becomes a stale or ‘orphan’ block.
Nodes can leave and rejoin the network at any time, and no central governance is required for this to occur. When a node rejoins the network, it connects to other nodes and requests the blocks and transactions seen on the network since it was disconnected. It then validates that information and rejoins the competition from the most recently discovered block.