The Most Famous Blockchain

Despite growing discussion about applying blockchain backed systems to a variety of activities (like securities settlement many people I have spoken to (including those in the financial industry) have no idea how a blockchain works. That is, how a blockchain backed system can provide trust without having large central parties taking on counterparty risk during a transaction. I have attempted to clear this up by explaining bitcoin.

Most explanations of bitcoin either gloss over details with excessive use of analogies or go into minute technical detail on every variable that makes a block. I have done neither, instead providing a clear explanation of the bitcoin protocol that’s designed for a non-technical audience yet still provides comprehensive details on the mechanisms involved that make bitcoin work as a robust system of value transfer.

The Blockchain

The bitcoin blockchain serves as a permanent record for every bitcoin transaction. Transactions are bundled in blocks that are arranged in a chain chronologically, hence blockchain. A new block of transactions is added to the blockchain approximately every 10 minutes.

Each transaction contains (among other things to be discussed later) a list of inputs and a list of outputs. Each element in the list of inputs was the output of a transaction in a previous block on the blockchain.

Each output contains the amount of bitcoin to transfer and the receiver’s address. To create a bitcoin address the user will:

  1. Randomly pick a value from 0 to 2160 that will serve as the user’s private key. The fact that the user knows the public key for their address signifies ownership of that address. Due to the number of possible private keys being so large (there are 2160 possible bitcoin addresses while there are only about 263 grains of sand on earth), the risk of two users randomly picking the same key is considered negligible.
  2. Take the chosen private key and run it through elliptic curve point multiplication to generate the public key. The function is considered one-way, therefore attempting to use the resulting public key to get the private key that created it would be no easier than attempting to guess the private key by exhaustively trying every possible value from 0 to 2160.
  3. Take the public key and hash it to get their bitcoin address. This is what the user will share with others who wish to send them bitcoin.

When a user creates a transaction, the private key is used to sign the transaction in order to prove to others that the user is the owner of the address the transaction is transferring bitcoin from. Signing involves the user feeding both their address’ private key and public key into an algorithm that outputs a string of text. Others can check that string of text, using the public address, and confirm that only someone with the address’ private key could’ve created that string. This is how the bitcoin network can verify that a transaction was authorized by the sender (opposed to someone else who wouldn’t know the address’ private key and therefore couldn’t accurately sign the transaction).

If someone else got ahold of a user’s private key, they could accurately sign transactions moving bitcoin from that user’s address to another address (steal bitcoin from the user).

The Process of Sending Bitcoin

Alice owns an address (her ownership is signified by the fact that she is the only one who knows the private key that can accurately sign transactions from that address, and therefore the only one who can sign transactions moving bitcoin from that address to others). Alice wants to transfer 1 bitcoin to her friend Bob who has provided her his address.

Alice Creates the Transaction

The first step for Alice is to set the input(s) of the transaction. Each of these input(s) must be output(s), addressed to Alice, from a previous transaction on the blockchain. Those output(s) must also have not already been used as an input for a previous transaction (that would be double spending).

Alice searches the entire blockchain for transactions with outputs addressed to her that weren’t previously used in a transaction. Of the three unused outputs addressed to her, the smallest is from a transaction where Alice’s grandmother sent both Alice and her brother 3 bitcoin each for Christmas.

Alice searches for all transactions with an output addressed to her that haven’t been used in a transaction. Searching the entire blockchain, she finds there are 3 unused outputs addressed to her from the transactions shown above. Her address’ bitcoin balance is the sum of these unspent outputs = 7 + 3 + 5 = 15 bitcoin.

Because the Christmas transaction is the smallest output by value among all her unspent outputs, Alice decides to make this the input to the transaction to Bob. So she adds an input to the new transaction that’s the 3-bitcoin-output addressed to her from her grandmother’s Christmas present transaction and adds an output addressed to Bob with a value of 1 bitcoin.

Any difference between the total value of inputs and total value of outputs becomes the transaction fee. In this case it would be 2 bitcoin, which is way too large for a transaction this simple. A fee of 0.05 bitcoin would provide adequate incentive for this transaction to be processed by the miners in a timely manner. So Alice adds an additional output addressed to her with a value of 1.95 bitcoin, leaving 0.05 bitcoin as the transaction fee: the difference between the value of the input(s) and the value of the output(s).

Transaction fee = (sum of input values) – (sum of output values)

Once Alice has finished creating her transaction, she broadcasts it to the bitcoin network to be processed.

The Miners

There is a very large network of miners stationed around the world listening for broadcasted bitcoin transactions. The goal of each miner is to create a block, fill it with as many transactions as possible, then try to get their block added to the shared blockchain. The process is commonly referred to as bitcoin mining.

Each miner in the network goes through the following steps:

A transaction’s coinbase transaction must be the first transaction placed on every block. It has no inputs but can have as many outputs as the node chooses (with each output addressed to whomever the node chooses). The sum of the outputs must equal a predetermined value plus the sum of the block’s transaction fees. The predetermined value halves for every 210,000 blocks that are added to the blockchain (about every 4 years). The predetermined value portion of the output for a coinbase transaction on every block added to the blockchain is the only way new bitcoin are issued. The predetermined amount plus the sum of the block’s transactions’ fees is the reward that the creator of the block receives if their block is added to the blockchain.

So immediately after Alice broadcasts her transaction, each miner will decide whether it’s worth adding her transaction to the block they’re building.

Three of the miners decide to include Alice’s transaction in their block.

First they will examine Alice’s transaction and decide whether the transaction fee (the difference between the sum of input(s) value and the sum of output(s) value) is large enough to justify both the work it will take to validate it and the space it will take up on their block (the size of a block has to be less than 1MB).

A transaction’s coinbase transaction must be the first transaction placed on every block. It has no inputs but can have as many outputs as the node chooses (with each output addressed to whomever the node chooses). The sum of the outputs must equal a predetermined value plus the sum of the block’s transaction fees. The predetermined value halves for every 210,000 blocks that are added to the blockchain (about every 4 years). The predetermined value portion of the output for a coinbase transaction on every block added to the blockchain is the only way new bitcoin are issued. The predetermined amount plus the sum of the block’s transactions’ fees is the reward that the creator of the block receives if their block is added to the blockchain.

Unlike transferring money, the value of the transaction isn’t the major factor in deciding the transaction fee. Instead, the size of the transaction is the main determinant.

Despite the amount of bitcoin changing hands in transaction B being one thousand times larger than in transaction A, the transactions have the same number of inputs and outputs (will require the same amount of work for the miner to validate it) and have the same size (will take up the same amount of room on the miner’s block) therefore, if broadcast at the same time, will both require the same transaction fee (approx. 5000 satochi or 0. 00005 bitcoin) to get processed in a timely manner.

While there is no requirement for a transaction fee (it can be any value the sender chooses including 0), without an adequate transaction fee incentivizing miners to add the transaction to their block, the transaction won’t get added to the blockchain in a timely manner.

If the miner decides the transaction’s fee justifies its size it will take the time to verify that the transaction is valid by making sure that each of the transaction’s input(s) are unspent output(s) from a previous transaction on the shared blockchain.

Each of the miners who considered Alice’s transaction’s fee adequate enough to include in their block independently verify that the input for Alice’s transaction exists as an unspent output on the shared blockchain.

Now that every miner has created its own block of transactions, they must fight it out to see whose block will be added to the shared blockchain.

Proof of Work

Miners fight it out by competing to solve a very difficult puzzle. Whoever solves the puzzle first gets their block added to the shared blockchain. The difficult puzzle is bitcoin’s proof of work, which is a key requirement in any crypto currency. As you will see proof of work creates a strong incentive for miners attempting to have their blocks added to the blockchain to ensure all the transactions they include are valid.

Currently, if you combine the computing power of the top 500 supercomputers in the world, you’d still only have about 1/100th the power of the bitcoin mining network. Creating a block, listening for transactions, verifying those transactions, and adding verified transactions onto the block doesn’t take much computing power. What occupies the majority of the network’s computing power at any time is the puzzle.

In order to solve the puzzle, and have their block added to the shared blockchain, the data in a miner’s block must be such that when run through an algorithm, the result has a least a certain number of leading 0’s.

This block has 13 0’s. If the difficulty of the network required 13 or less leading 0’s at the time this block was hashed, then this block would pass the test and be added to the blockchain.

Because the output of the algorithm is random, the only thing miners can do to attempt to get their block accepted is:

There are plenty of pieces of data on a block that a miner can change without having to remove/add transactions.

The number of times a miner performs one cycle of this is called the hash rate. The combined hash rate of all the nodes on the bitcoin network as of December 6th 2015 is 566,236,898 GH/s (566 million billion hashes per second). So to have even 0.01% of the hash rate of the network (on average getting one block added to the blockchain every 70 days) would cost a small fortune in hardware and electricity. Because the only way for a miner to earn bitcoin is to have their block added to the blockchain, all profitable bitcoin mining operations must have enormous scale.

Every 2,016 blocks (about every 2 weeks), the difficulty (the number of leading 0’s required in a block’s hash in order for it to be added to the blockchain) is altered depending on how fast the network is adding new blocks at the current difficulty. This is how the rate of new blocks being added to the blockchain has stayed constant, around 6 blocks per hour, despite the computational power of the network increasing exponentially since it’s beginning.

As the total hash rate of the network increases, the difficulty of the puzzle is adjusted upwards. This makes the rate at which new blocks are added to the blockchain constant (approx. 1 block every 10 minutes) despite the increase in the network’s hash rate over time.

Once a miner in the network has got an accepted hash and their block is added, each of the other miners must decide whether to abandon their block and start over trying to build off the new block or reject the new block and keep trying to add their own block.

A miner successfully solves the puzzle (edits the data in their block so that the block’s hash has the required number of leading 0’s) and gets their block added to the blockchain. Other miners on the network, haven been beaten to solving the puzzle, will now validate the transactions on the new block to decide whether to start working off the newly added block.

Scenario 1: The blockchain continues being built off the newly added block (a majority of the network’s computing power accepted the block and started working off it). Scenario 2: A fork occurs: either multiple blocks were successfully added to the blockchain at once or transactions on the newly added block was deemed invalid by other miners. In scenario 1, a majority of the miners would of abandoned the old blocks they had created and been attempting to solve the puzzle with. They would then create a new block, repackage unused transactions, and start again in attempting to get an adequate hash. Even if none of the transactions included in the block they were trying to add were in the block that was actually added, they would still need to create a new block because one part of the data of a block is a hash of the block’s parent (so they would have to set it to the newly added block). In scenario 2, however, miners could continue attempting to solve the puzzle with the block they previously created.

If a fork occurs then the newly created block won’t be included in the longest chain in the blockchain (the miner who created it will receive no bitcoin). The possibility of miners not accepting a newly added block causes miners to verify the transactions they package in their block. This is why proof of work is pivotal in the bitcoin protocol because the prospect of expending so much computing power to solve the puzzle only to have your block rejected keeps miners honest in the transactions they package in the blocks they create. The incentive for other miners in the network to reject building upon newly created blocks containing invalid transactions is the prospect that they expend a large amount of computing power to get a block added after the invalid block, only to have a fork occur before the invalid block making the block they added after it worthless.

A fork occurred before the light green block so it won’t be a part of the future blockchain, therefore the owner receives none of the transaction fees or coinbase transaction on the block since future miners validating a transaction won’t check this block (since it will never be an ancestor to the most recent block in the longest chain).

Conclusion

As you can see, there is no central party facilitating the transfer of bitcoin. Instead, trust is created from the very high cost of adding blocks to the blockchain (proof of work) which incentivizes miners to be honest about the transactions they include in their block or face the risk of a fork occurring before their newly created block (making the expensive computing power expended to get the block added to the shared blockchain a complete waste).

Written on November 23, 2015