How does Bitcoin works

A bit of history - Bitcoin was invented by a man (or a group) using the pseudonym of Satoshi Nakamoto and having stayed anonymous. Satoshi Nakamoto launched the first version of Bitcoin in 2008 and retired gradually in favor of other developers contributing to the project. His first successor as lead developer was Gavin Andresen. The main bitcoin implementation is now maintained by many developers. No one has had any contact with Satoshi Nakamoto since mid-2010.

Prerequisites - The Bitcoin protocol is mainly based on technologies widely used before Bitcoin itself.

  • Asymmetric Cryptography: a very popular cryptographic technology, that allows in particular to identify the author of a message. Each user has a public and a private key. The private key (only known to the user) is used to encrypt or sign a message that can be decrypted using the public key so the user can be safely identified as the author of the message.

  • Cryptographic Hash: a function that creates a short fingerprint of a message or file, unique and non-reversible. Bitcoin mining consists in finding a particular result produced by this function to - which is in itself useless - but ensures that the miner has a certain computing power. Example: SHA-256 cryptographic hash of the text "Satoshi Nakamoto" is a0dc65ffca799873...5425f7337704883e but it is impossible to reverse to find the original text without trying all possible combinations.

Bitcoin is a virtual currency: its has no representation in the real world. This is the case for most currencies today, but currencies can be backed by physical things like gold stocks (for example the dollar before 1971). Its value is determined only by the exchange market, which gives Bitcoin a value to make it a medium of exchange, a store of value and a speculative investment. Bitcoin is thus similar to gold: except for a few cases (electronic, esthetic ...) the value of gold is assigned by the market to make it a medium of exchange, chosen for its properties: rarity, durability and divisibility. Bitcoin also shares these properties, albeit in a more "virtual" fashion.

Bitcoin units can not be created by an entity or state and are limited to 21 million units called bitcoins (No capital B - the writing with a capital B refers to the technology). The number of bitcoins in circulation increases in a stable and predictable way to reach the final total of 21 million in 2140 (The slowdown of the "production" will be such that 99% of these 21 million will be available in 2030 while the remaining 1% will be put in circulation between 2030 and 2140 - see Controlled supply on Bitcoin Wiki). Each bitcoin is divisible into 100 million units called Satoshis. This makes a total of 21 x 1014 of indivisible units. Why this 21M number and is it enough? Maybe because it is close to the limit of the storage capacity of a 64-bit number, used very commonly in computing, but we do not have much more details on this choice, which does not matter because of the divisibility of Bitcoin.

The following section explains how Bitcoin works step by step by highlighting the problems behind the idea of a decentralized currency and the solutions brought by Bitcoin. This explanation is a simple approach of the mechanisms behind Bitcoin and does not constitute a complete or rigorous explanation.

Issue – With a decentralized currency, how to safely identify the person sending money?

The protocol uses the asymmetric cryptography system. Bob wants to send 1 bitcoin to Alice so he uses his private key to sign the message "I, Bob sends 1 bitcoin to Alice". Then, using his public key, anyone can verify that it is Bob that sent this message and he can't claim otherwise.

Issue – How to prevent Bob from duplicating this message and sending an unlimited number of times that bitcoin?

We give this bitcoin a serial number, eg 42001. The message will be now "I, Bob is sending 1 bitcoin No. 42001 to Alice." Therefore this bitcoin is clearly identified and this message can not be duplicated. (Actually, a bitcoin does not have a serial number but is traceable from its generation until this last use, which makes it uniquely identifiable.)

Issue – How to verify that Bob does indeed have this bitcoin No. 42001 and didn't spend it already?

Each user has a "ledger" called the blockchain which lists all the transactions and therefore who owns which bitcoin. Bob is sending the message "I, Bob is sending 1 bitcoin No. 42001 to Alice", but this time Alice uses her copy of the blockchain to verify that this number belongs to Bob. She then sends to everyone Bob's message and a second message indicating to everyone that she accepts this bitcoin. Everyone then updates their blockchain.

Issue – How to ensure that Bob does not send the same message simultaneously to two people who do not have time to update their blockchain and therefore do not know the bitcoin No. 42001 has already been spent?

This is where the bitcoin miners come into play. Alice verifies that Bob has the bitcoin No. 42001 but now, before accepting it she broadcasts her message to the network's miners. They check that the transaction is valid and spread the message "Ok, Bob has the bitcoin No. 42001, it can be sent to Alice" Once this message is broadcast by enough miners, everyone updates their blockchain, the transaction is made.

Issue – If Thomas is a bitcoin miner, how to prevent it from spreading thousands of times the messages "Ok, Bob has the bitcoin No. 42001, it can be sent to Alice" and "Ok, Bob has the bitcoin No. 42001, it can be sent to Carol" and thus manipulate the network?

To handle this network manipulation problem Bitcoin uses the system of "Proof-of-work". The operation of spreading the message "Ok, Bob has the bitcoin No. 42001, it can be sent to Alice" is made artificially difficult for a miner by making him do complex but useless calculations before spreading the message (a succession of cryptographic hash to find a particular value).

As a result if Thomas wants his false messages to be accepted he must have more than 50% on the network power. Our page Cost of a 51% attack is an estimate of what would cost a minor to be in such a situation based on the number of miners. The gain of such an attack is very small compared to the cost.

Issue – What motivates miners to verify transactions?

Minors are rewarded with new bitcoins created at a steady, predictable rate. The rate will reach a final total of 21 million in 2140. After that date, miners will only be rewarded with low commissions earned on every transaction validated.

To go in more detail, you can read the paper published by Satoshi Nakamoto: Bitcoin: A Peer-to-Peer Electronic Cash System.