A little story to tell you: What is the operating mechanism of Bitcoin?

Bitcoin has remained shrouded in mystery since its advent. Even though its price has now reached more than 10,000 yuan, there are still few people who understand how Bitcoin works.

A short story

Alice is far away from Bob and wants to buy Bob's alpaca socks. In return, she wants to pay Bob one dollar. A dollar bill is just a piece of paper that is very easy to make (for those who can make it), but in real life, pieces of paper are often accepted in exchange for valuable products and services, such as the socks Alice wants to buy. The simple thing Alice can do is put a dollar in an envelope and mail it to Bob, then wait for Bob to mail the socks to her.

Another way is for Alice to "wire" the money to Bob. To do this, she first gives her money to an organization called a bank, which is responsible for keeping Alice's money safe and then returns a written promise (called a bank statement) to Alice. At any time, she can go to the bank and get back the same amount of money she had with her. Because the money still belongs to Alice, she is entitled to do anything she wants with it, and the bank (most banks) will charge a small fee for the service of transferring the money to Bob. The bank can send someone to Bob's house with Alice's money to give it to him. However, more often, the money is transferred directly from Alice's bank account to Bob's account and then notified to both of them. The next time Bob sees it on his bill, or, if he is in a hurry, he will contact the bank to ask how much money he has in the bank.

Because banks have many customers, and banks need to pay employees to talk to people and sign documents, banks have recently begun using machines (such as ATMs) and online services to replace paid employees interacting with customers. These machines are designed to handle what the customer wants to do with his/her money, and the range of things the customer might do (for example, ATMs can handle cash). Finally, most of the time, few people are involved in these transactions. People always know how much of the money in the bank's safe is theirs, and they trust the amount of money they see on their bank statements and on their computer screens to the corresponding banknotes they can get from the bank at any time. They are confident that they can accept these numbers as paper money (similar to how people first began to accept paper money as gold and silver).

Nevertheless, the fact that machines are used does not change the structure of the system, which is based on a central authority (the bank) that keeps information about user accounts. Everyone has to rely on the honesty of this authority (i.e., how much money they keep in total, or at least how much paper money they keep available to everyone). Likewise, everyone has to provide his/her real name to this authority to verify their identity in order to be allowed to withdraw their money or transfer it to others.

Bitcoin is a system that has a currency called Bitcoins that can be freely transferred, using a method similar to online banking interfaces, but anonymously and without relying on a central authority to determine authenticity. These Bitcoins require real resources (CPU time and electricity) to produce, so they are valuable, they cannot be reused, and they will not disappear unless the computer of the Bitcoin owner is illegally accessed.

How to prevent theft?

To ensure that an eavesdropper, such as Eva, cannot access someone else's bitcoins by creating a transaction under someone else's name, we use a public key system to generate digital signatures. In this system, each person, such as Alice and Bob, has a public/private key pair stored in a secure wallet. Only the user with the private key can sign a document, such as a transaction in which he transfers some bitcoins to someone, but everyone can verify the signature using his public key.

Bob sends the public key to Alice

Alice adds Bob’s public key and the amount she wants to transfer to the transaction.

Alice signs the transaction using her private key

Now, anyone who knows Alice and Bob's public key is sure that Alice agrees to transfer this amount of bitcoins to Bob, because no one else has Alice's private key except Alice. Alice is not stupid enough to give her private key to others, otherwise, someone can use her name to sign transactions and transfer funds from her balance.

Later, when Bob wants to transfer the same bitcoins to Charley, he has to do the same thing: receive Charley's public key, add a new transaction to the transaction chain and sign it with his (Bob's) private key. But only Bob can do this because only Bob has the private key that is needed to sign the transaction and it is the only private key in the transaction chain that matches Bob's public key.

Eve cannot change the owner of these bitcoins by replacing Bob's public key with her own, because Alice signed the transaction to Bob with her private key to declare that these bitcoins that belonged to her now belong to Bob, and Alice's private key is a secret from Eve. So if Charley admits that these original bitcoins are in Alice's hands, she will also accept that these bitcoins were transferred to Bob later, and now Bob transfers the same bitcoins to him.

How to prevent reuse?

This is how we ensure that Alice cannot copy a bitcoin and use it for multiple transactions (this is the main innovation of Bitcoin)

The transaction details are sent to everyone, or as many other computers as possible.

A continuously growing chain of blocks containing all transaction records, maintained by all computers (each computer has a complete copy).

Transaction blocks must be legal and must contain proof of labor (the network generates a block every 10 minutes) to be accepted by the record chain.

Blocks are linked in a way that if any one is modified, all subsequent blocks must be recalculated. When there are multiple valid branches in the chain, only the longest branch is accepted and continued.

When Bob sees that his transaction has been included in a block that is part of the single longest and fastest growing chain of blocks (as measured by meaningful computational growth), he can be confident that the transaction initiated by Alice has been accepted by computers on the network and is permanently recorded, preventing Alice from creating another transaction using the same bitcoins.

In theory, Alice could try to create fraudulent blocks that do not contain the bitcoins she previously spent, and she would try to send these blocks to everyone as proof that the bitcoins still belong to her. However, the transaction Alice signed previously has already been published and sent to a large number of computers in the Bitcoin network, and a block containing it has already been generated by someone else (otherwise, the first recipient of the bitcoins would not have acknowledged it). Because generating a legitimate block is designed to take a long time, Alice cannot keep up with all the other computers. Bob will receive more blocks from others that Alice could never have generated alone, and some of the newer blocks will contain Alice's old transactions, letting Bob know that Alice has spent her bitcoins. The only way Alice can remove her transaction is to create a parallel chain of blocks that is longer than all the chains that everyone else has generated and does not contain her transaction, because only the longest chain is accepted.

In order to remain the longest, it also has to grow faster than the other chains, thus preventing block generators from adding Alice's transaction to their chain. To do this, Alice would have to permanently control a majority of the CPU resources on the network; something we believe no single person or organization can do. Therefore, as long as the person controlling the majority of CPUs does not cooperate with Alice, her transaction will be permanently recorded and she will not be able to create another transaction with the same bitcoins.

How to ensure anonymity?

Bitcoin "accounts" do not need to be associated with names and do not need to correspond to a single individual. Each balance is simply associated with a randomly generated public/private key pair and the money belongs to whoever owns that private key and can use it to sign transactions. The transactions signed using those keys also do not need to include names.

A Bitcoin address is a public key that looks like this:

14iPPJcajb6bwejbimpHkS5z8HEbQSzNLd

Each person can have many such addresses, each with its own balance, making it more difficult to determine who owns the money. To protect his privacy, Bob can even generate a new public/private key pair for each separate transaction. This way, David receiving bitcoins from Charley will not be able to determine who is the second person in the transaction list (without asking Charley).

The creation of currency

As mentioned above, Bob and Charley need to verify that the original bitcoin sent from Alice is legitimate. Alice cannot simply generate bitcoins out of thin air in real time, because the emergence of a bitcoin is a transaction that needs to be accepted by others.

According to the current software, new Bitcoins are slowly introduced like this: every computer that generates a block that allows one transaction to be placed in it receives 50 Bitcoins, money that does not need to be obtained from somewhere. This money is an incentive for those who pay the computational effort to generate blocks. However, according to the current agreement, every four years, the reward for generating a block is reduced by half. This means that at the same moment in 2013, the vast majority of CPUs will no longer accept blocks that add 50 BTC to the amount of money, and they will only accept blocks that add half that amount. The same thing will happen in 2017, 2021, 2025, etc., unless different Bitcoin client software becomes prevalent on the network.

Because incentives eventually taper off, another way for Alice to earn bitcoins is to accept transaction fees when she generates blocks. With every bitcoin transfer, there is a voluntary transaction fee, an amount that is optional and paid by the person sending the money. This fee is paid to the person who did the work of generating the block containing the transaction, which was required for the transaction to be accepted. Because Alice is free to include any set of transactions, she can choose to include only the transaction with the highest fee. If everyone does this, eventually, depending on the total number of transactions, a minimum fee for a transaction will be generated in the chain of blocks.

Summarize

You can visit the Bitcoin Block Explorer website to experience the system in action. This website shows you the latest blocks in the blockchain. The blockchain contains all the historical transactions that have occurred in the system and have been accepted. Note how many blocks have been generated in the last hour, which should be around 6. Also note the number of transactions and the amount of money transferred in the last hour (about 64 and 15K last time I checked). This will give you an idea of ​​the activity of the system.

(Bitcoin Block Explorer homepage, image source: Golden Finance)

Next, let's take a closer look at one of these blocks. First notice that the block starts with a hash value, which indicates how difficult it was to make. The computer that generated this block had to run through many temporary values ​​(also listed on the block's page) until it found one that could generate these values. The next thing to notice is the line marked Previous block. Each block will contain its hash value in front of it, which is the structure of the block chain. Now look at all the transactions contained in this block. The first transaction is the profit of the computer that generated this block. It contains a fixed amount of money generated out of thin air, and may contain transaction fees for other transactions in this block.

(The current network computing power has reached a very high level. Image source: Golden Finance)

Looking at any of these transactions in detail, you'll see that it's made up of multiple incoming and outgoing funds. In fact, there may be more than one incoming and outgoing fund, allowing the system to link or split funds into required partial amounts (often fractions) in any possible way. Each incoming fund comes from a previous transaction to a certain address (which you can also look at in detail) and each outgoing fund is transferred to someone and forms part of a future transaction (if it has already happened, you can also look at it in detail).

Finally you can learn more about any address and know what public information is available.

To get an idea of ​​the activity in the Bitcoin system, you might like to visit the monitoring website Bitcoin Monitor. It starts with general statistics on the number and size of transactions, and then goes on to a real-time visualization of the activity happening in the Bitcoin system.