Bitcoin: A Peer-to-Peer Electronic Cash System
- Notation Legend
- Pre-Read Thoughts
- Abstract
- Introduction
- Transactions
- Timestamp Server
- Proof-of-Work
- Network
- Incentive
- Reclaiming Disk Space
- Simplified Payment Verification
- Combining and Splitting Value
- Privacy
- Calculations
- Post-Read Thoughts
- Further Reading
Notation Legend
#something: number of something
→: excerpt from paper
(): an opinion or some information that’s not present in paper
Pre-Read Thoughts
Bitcoin, as a cryptocurrency, is a very familiar term even for most people outside the tech field.
The underlying technology, blockchain, with its property of “decentralization”, gave rise to web3 and Ethereum (smart contracts).
Satoshi Nakamoto, the author(s) and developer(s) of Bitcoin, is/are still anon to this day.
I do like crypto as scientific technology but not as real world currency. BTW, P2P is very close to me
Abstract
Explains the working of the blockchain at a very high level
PoW (Proof of Work), or mining, is where computation power is used to do complex math (kinda bruteforcing for the correct hash) and get rewarded
Introduction
to pay electronically today, a trusted 3rd party has to act as the trust anchor
Transactions
→ We define an electronic coin as a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership.

in simple terms, a tx contains the sender’s signature, the hash of the previous tx, and the receiver’s pub key
with these 3, we can verify the chain
- with the sender’s signature, the tx can be verified by taking the sender’s pub key from the prev tx
- with the hash, history can be tracked
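(added example, not from the paper or these notes: the three-field tx above and its verification in Python. Lamport one-time signatures built from SHA-256 stand in for Bitcoin's ECDSA so that it runs on the standard library alone; the dict layout and function names are assumptions.)

```python
import hashlib, os

def H(b):
    return hashlib.sha256(b).digest()

# Lamport one-time signature: hash-only stand-in for ECDSA (assumption of this example)
def keygen():
    sk = [[os.urandom(32) for _ in range(256)] for _ in (0, 1)]
    pk = b"".join(H(s) for row in sk for s in row)  # 512 hashes: row 0, then row 1
    return sk, pk

def msg_bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    # reveal one secret per bit of the message hash
    return [sk[bit][i] for i, bit in enumerate(msg_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(sig[i]) == pk[(bit * 256 + i) * 32:(bit * 256 + i + 1) * 32]
        for i, bit in enumerate(msg_bits(msg)))

def tx_hash(tx):
    return H(tx["prev"] + tx["to"] + b"".join(tx["sig"]))

def transfer(prev_tx, owner_sk, next_pk):
    # the owner signs hash(previous tx) + public key of the next owner
    prev = tx_hash(prev_tx)
    return {"prev": prev, "to": next_pk, "sig": sign(owner_sk, prev + next_pk)}

def verify_chain(chain):
    # each tx must link to its predecessor and be signed by that predecessor's payee
    for prev_tx, tx in zip(chain, chain[1:]):
        if tx["prev"] != tx_hash(prev_tx) or not verify(
                prev_tx["to"], tx["prev"] + tx["to"], tx["sig"]):
            return False
    return True

def demo():
    (a_sk, a_pk), (b_sk, b_pk), (c_sk, c_pk) = keygen(), keygen(), keygen()
    coin = [{"prev": b"\x00" * 32, "to": a_pk, "sig": []}]  # constructed first tx
    coin.append(transfer(coin[-1], a_sk, b_pk))  # Alice -> Bob
    coin.append(transfer(coin[-1], b_sk, c_pk))  # Bob -> Carol
    forged = coin[:2] + [transfer(coin[1], c_sk, c_pk)]  # signed by Carol, not Bob
    return verify_chain(coin), verify_chain(forged)

if __name__ == "__main__":
    print(demo())
```

The check proves who signed each hand-over, but it cannot show that an owner did not also sign a second, conflicting transfer, which is the gap the next excerpt describes.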
→ We need a way for the payee to know that the previous owners did not sign any earlier transactions. For our purposes, the earliest transaction is the one that counts, so we don’t care about later attempts to double-spend. The only way to confirm the absence of a transaction is to be aware of all transactions.
Timestamp Server

the timestamp server stores a hash belonging to a certain point in time
a Usenet posting is given as an example of a centralized timestamp server
Proof-of-Work
Using PoW to decentralize timestamp server
Proof of Work: doing some computational effort
→ The proof-of-work involves scanning for a value that when hashed, such as with SHA-256, the hash begins with a number of zero bits. The average work required is exponential in the number of zero bits required and can be verified by executing a single hash.
miners search for a nonce which, when hashed together with the block, gives a hash with n zero bits at the beginning (n depends on current bitcoin volume in market?)
the nonce is difficult to find, but once found, others can verify the work done by the miner, as it is as simple as hashing the block with the nonce and checking the leading zeros
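(added example, not from the paper: the nonce search and the one-hash check, plus a small hash-linked chain showing that editing an old block invalidates it. Single SHA-256, the block layout and the fixed zero_bits are simplifications of this example; in the paper the difficulty is set by a moving average targeting an average number of blocks per hour.)

```python
import hashlib

GENESIS_PREV = b"\x00" * 32  # constructed placeholder for "no previous block"

def leading_zero_bits(digest):
    """Number of zero bits at the front of a hash."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def block_hash(prev, data, nonce):
    return hashlib.sha256(prev + data + nonce.to_bytes(8, "big")).digest()

def mine(prev, data, zero_bits):
    """Miner's side: try nonces until the hash has enough leading zero bits."""
    nonce = 0
    while leading_zero_bits(block_hash(prev, data, nonce)) < zero_bits:
        nonce += 1
    return nonce  # nonce + 1 hashes were computed

def check_block(prev, data, nonce, zero_bits):
    """Verifier's side: a single hash, however long the search took."""
    return leading_zero_bits(block_hash(prev, data, nonce)) >= zero_bits

def build_chain(payloads, zero_bits):
    chain, prev = [], GENESIS_PREV
    for data in payloads:
        nonce = mine(prev, data, zero_bits)
        chain.append({"prev": prev, "data": data, "nonce": nonce})
        prev = block_hash(prev, data, nonce)
    return chain

def check_chain(chain, zero_bits):
    """Every block must link to the hash before it and carry valid work."""
    prev = GENESIS_PREV
    for b in chain:
        if b["prev"] != prev or not check_block(prev, b["data"], b["nonce"], zero_bits):
            return False
        prev = block_hash(prev, b["data"], b["nonce"])
    return True

if __name__ == "__main__":
    for bits in (4, 8, 12, 16):  # expected work roughly doubles per extra bit
        n = mine(GENESIS_PREV, b"constructed sample txs", bits)
        print(f"{bits:2d} zero bits: found after {n + 1} hashes")
    chain = build_chain([b"tx batch 1", b"tx batch 2", b"tx batch 3"], 12)
    print("chain valid:", check_chain(chain, 12))
    chain[0]["data"] = b"tx batch 1 (edited)"
    print("after editing block 0:", check_chain(chain, 12))
```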
→ If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains
Network

→ Nodes always consider the longest chain to be the correct one and will keep working on extending it. If two nodes broadcast different versions of the next block simultaneously, some nodes may receive one or the other first. In that case, they work on the first one they received, but save the other branch in case it becomes longer. The tie will be broken when the next proof-of-work is found and one branch becomes longer; the nodes that were working on the other branch will then switch to the longer one.
Incentive
→ By convention, the first transaction in a block is a special transaction that starts a new coin owned by the creator of the block. This adds an incentive for nodes to support the network, and provides a way to initially distribute coins into circulation
Reclaiming Disk Space
instead of storing each and every tx, which costs a lot in storage, the txs are compacted from time to time once a certain number is reached
a hash tree (Merkle tree) is used
but by the actual numbers, the storage needed is relatively small

Simplified Payment Verification
→ (to verify) a user only needs to keep a copy of the block headers of the longest proof-of-work chain, which he can get by querying network nodes until he’s convinced he has the longest chain, and obtain the Merkle branch linking the transaction to the block it’s timestamped in
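(added example, not from the paper: how a full node could produce a Merkle branch and how a light client checks it against the root kept in a block header. Single SHA-256 and the function names are assumptions of this example; duplicating the last hash on an odd-sized level follows Bitcoin's convention.)

```python
import hashlib

def H(b):
    return hashlib.sha256(b).digest()

def merkle_root_and_branch(txs, index):
    """Full node: root of all txs plus the sibling hashes linking txs[index] to it."""
    level = [H(tx) for tx in txs]
    branch = []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])      # odd level: duplicate the last hash
        branch.append(level[index ^ 1])  # sibling of the current node
        level = [H(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], branch

def verify_branch(tx, index, branch, root):
    """Light client: recompute the root from one tx and its branch only."""
    h = H(tx)
    for sibling in branch:
        # the low bit of index says whether we are the right or the left child
        h = H(sibling + h) if index & 1 else H(h + sibling)
        index >>= 1
    return h == root

if __name__ == "__main__":
    txs = [b"tx0", b"tx1", b"tx2", b"tx3", b"tx4"]  # constructed sample data
    root, branch = merkle_root_and_branch(txs, 3)
    print("branch length:", len(branch), "hashes for", len(txs), "txs")
    print("tx3 in block:", verify_branch(b"tx3", 3, branch, root))
    print("altered tx accepted:", verify_branch(b"tx3-altered", 3, branch, root))
```

The client stores only the root per block and receives a branch of about log2(#txs) hashes, which is why block headers alone are enough for the check described above.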

Combining and Splitting Value
(called Unspent Transaction Output/UTxO)
→ there will be either a single input from a larger previous transaction or multiple inputs combining smaller amounts, and at most two outputs: one for the payment, and one returning the change, if any, back to the sender.
instead of creating a transaction for every change, a tx can bundle multiple inputs and at most 2 outputs
Privacy
→ The necessity to announce all transactions publicly, but privacy can still be maintained by breaking the flow of information in another place: by keeping public keys anonymous.
Calculations
→ We consider the scenario of an attacker trying to generate an alternate chain faster than the honest chain.

→ Given our assumption that p > q, the probability drops exponentially as the number of blocks the attacker has to catch up with increases. With the odds against him, if he doesn’t make a lucky lunge forward early on, his chances become vanishingly small as he falls further behind.
Post-Read Thoughts
Light paper, but it makes it more evident that cryptographic methods are mostly based on the notion that “it’s tough to compute” rather than impossible
Bitcoin/blockchain got its heavy inspiration from the papers of S. Haber and W.S. Stornetta, which are cited in the paper
Further Reading
Ethereum: A Next-Generation Smart Contract and Decentralized Application Platform