The bitcoin protocol is the set of rules that govern the functioning of bitcoin. Its key components and principles are: a peer-to-peer decentralized network with no central oversight; the blockchain technology, a public ledger that records all bitcoin transactions; mining and proof of work, the process to create new bitcoins and verify transactions; and cryptographic security.
Users broadcast cryptographically signed messages to the network using bitcoin cryptocurrency wallet software. These messages are proposed transactions, changes to be made in the ledger. Each node has a copy of the ledger's entire transaction history. If a transaction violates the rules of the bitcoin protocol, it is ignored, as transactions only occur when the entire network reaches a consensus that they should take place. This "full network consensus" is achieved when each node on the network verifies the results of a proof-of-work operation called mining. Mining packages groups of transactions into blocks, and produces a hash code that follows the rules of the bitcoin protocol. Creating this hash requires expensive energy, but a network node can verify the hash is valid using very little energy. If a miner proposes a block to the network, and its hash is valid, the block and its ledger changes are added to the blockchain, and the network moves on to yet unprocessed transactions. In case there is a dispute, then the longest chain is considered to be correct. A new block is created every 10 minutes, on average.
Changes to the bitcoin protocol require consensus among the network participants. The bitcoin protocol has inspired the creation of numerous other digital currencies and blockchain-based technologies, making it a foundational technology in the field of cryptocurrencies.
Blockchain
editBlockchain technology is a decentralized and secure digital ledger that records transactions across a network of computers. It ensures transparency, immutability, and tamper resistance, making data manipulation difficult. Blockchain is the underlying technology for cryptocurrencies like bitcoin and has applications beyond finance, such as supply chain management and smart contracts.[1]
Transactions
editThe network requires minimal structure to share transactions. An ad hoc decentralized network of volunteers is sufficient. Messages are broadcast on a best-effort basis, and nodes can leave and rejoin the network at will. Upon reconnection, a node downloads and verifies new blocks from other nodes to complete its local copy of the blockchain.[2][3]
Mining
editBitcoin uses a proof-of-work system or a proof-or-transaction to form a distributed timestamp server as a peer-to-peer network.[3] This work is often called bitcoin mining. During mining, practically all of the computing power of the bitcoin network is used to solve cryptographic tasks, which is proof of work. Their purpose is to ensure that the generation of valid blocks involves a certain amount of effort so that subsequent modification of the blockchain, such as in the 51% attack scenario, can be practically ruled out. Because of the difficulty, miners form "mining pools" to get payouts despite these high power requirements, costly hardware deployments, and hardware under control. As a result of the Chinese ban on bitcoin mining in 2021, the United States currently holds the largest share of bitcoin mining pools.[4][5]
Requiring a proof of work to accept a new block to the blockchain was Satoshi Nakamoto's key innovation. The mining process involves identifying a block that, when hashed twice with SHA-256, yields a number smaller than the given difficulty target. While the average work required increases in inverse proportion to the difficulty target, a hash can always be verified by executing a single round of double SHA-256.
For the bitcoin timestamp network, a valid proof of work is found by incrementing a nonce until a value is found that gives the block's hash the required number of leading zero bits. Once the hashing has produced a valid result, the block cannot be changed without redoing the work. As later blocks are chained after it, the work to change the block would include redoing the work for each subsequent block. If there is a deviation in consensus then a blockchain fork can occur.
Majority consensus in bitcoin is represented by the longest chain, which required the greatest amount of effort to produce. If a majority of computing power is controlled by honest nodes, the honest chain will grow fastest and outpace any competing chains. To modify a past block, an attacker would have to redo the proof-of-work of that block and all blocks after it and then surpass the work of the honest nodes. The probability of a slower attacker catching up diminishes exponentially as subsequent blocks are added.[3]
To compensate for increasing hardware speed and varying interest in running nodes over time, the difficulty of finding a valid hash is adjusted roughly every two weeks. If blocks are generated too quickly, the difficulty increases and more hashes are required to make a block and to generate new bitcoins.[3]
Difficulty and mining pools
editBitcoin mining is a competitive endeavor. An "arms race" has been observed through the various hashing technologies that have been used to mine bitcoins: basic central processing units (CPUs), high-end graphics processing units (GPUs), field-programmable gate arrays (FPGAs) and application-specific integrated circuits (ASICs) all have been used, each reducing the profitability of the less-specialized technology. Bitcoin-specific ASICs are now the primary method of mining bitcoin and have surpassed GPU speed by as much as 300-fold. The difficulty of the mining process is periodically adjusted to the mining power active on the network. As bitcoins have become more difficult to mine, computer hardware manufacturing companies have seen an increase in sales of high-end ASIC products.[8]
Computing power is often bundled together or "pooled" to reduce variance in miner income. Individual mining rigs often have to wait for long periods to confirm a block of transactions and receive payment. In a pool, all participating miners get paid every time a participating server solves a block. This payment depends on the amount of work an individual miner contributed to help find that block, and the payment system used by the pool.[9]
Environmental effects
editMined bitcoins
editBy convention, the first transaction in a block is a special transaction that produces new bitcoins owned by the creator of the block. This is the incentive for nodes to support the network.[2] It provides a way to move new bitcoins into circulation. The reward for mining halves every 210,000 blocks. It started at 50 bitcoin, dropped to 25 in late 2012, and to 6.25 bitcoin in 2020. The most recent halving, which occurred on 20 April 2024 at 12:09am UTC (with block number 840,000), reduced the block reward to 3.125 bitcoins.[14][15] The next halving is expected to occur in 2028, when the block reward will fall to 1.625 bitcoins.[16][17] This halving process is programmed to continue a maximum of 64 times before new coin creation ceases.[18]
Payment verification
editEach miner can choose which transactions are included in or exempted from a block.[19] A greater number of transactions in a block does not equate to greater computational power required to solve that block.[19]
As noted in Nakamoto's whitepaper, it is possible to verify bitcoin payments without running a full network node (simplified payment verification, SPV). A user only needs a copy of the block headers of the longest chain, which are available by querying network nodes until it is apparent that the longest chain has been obtained; then, get the Merkle tree branch linking the transaction to its block. Linking the transaction to a place in the chain demonstrates that a network node has accepted it, and blocks added after it further establish the confirmation.[2]
Protocol features
editSecurity
editVarious potential attacks on the bitcoin network and its use as a payment system, real or theoretical, have been considered. The bitcoin protocol includes several features that protect it against some of those attacks, such as unauthorized spending, double spending, forging bitcoins, and tampering with the blockchain. Other attacks, such as theft of private keys, require due care by users.[20][21]
Unauthorized spending
editUnauthorized spending is mitigated by bitcoin's implementation of public-private key cryptography. For example, when Alice sends a bitcoin to Bob, Bob becomes the new owner of the bitcoin. Eve, observing the transaction, might want to spend the bitcoin Bob just received, but she cannot sign the transaction without the knowledge of Bob's private key.[21]
Double spending
editA specific problem that an internet payment system must solve is double-spending, whereby a user pays the same coin to two or more different recipients. An example of such a problem would be if Eve sent a bitcoin to Alice and later sent the same bitcoin to Bob. The bitcoin network guards against double-spending by recording all bitcoin transfers in a ledger (the blockchain) that is visible to all users, and ensuring for all transferred bitcoins that they have not been previously spent.[21]: 4
Race attack
editIf Eve offers to pay Alice a bitcoin in exchange for goods and signs a corresponding transaction, it is still possible that she also creates a different transaction at the same time sending the same bitcoin to Bob. By the rules, the network accepts only one of the transactions. This is called a race attack, since there is a race between the recipients to accept the transaction first. Alice can reduce the risk of race attack stipulating that she will not deliver the goods until Eve's payment to Alice appears in the blockchain.[22]
A variant race attack (which has been called a Finney attack by reference to Hal Finney) requires the participation of a miner. Instead of sending both payment requests (to pay Bob and Alice with the same coins) to the network, Eve issues only Alice's payment request to the network, while the accomplice tries to mine a block that includes the payment to Bob instead of Alice. There is a positive probability that the rogue miner will succeed before the network, in which case the payment to Alice will be rejected. As with the plain race attack, Alice can reduce the risk of a Finney attack by waiting for the payment to be included in the blockchain.[23]
History modification
editEach block that is added to the blockchain, starting with the block containing a given transaction, is called a confirmation of that transaction. Ideally, merchants and services that receive payment in bitcoin should wait for at least a few confirmations to be distributed over the network before assuming that the payment was done. The more confirmations that the merchant waits for, the more difficult it is for an attacker to successfully reverse the transaction—unless the attacker controls more than half the total network power, in which case it is called a 51% attack, or a majority attack.[24] Although more difficult for attackers of a smaller size, there may be financial incentives that make history modification attacks profitable.[25]
Scalability
editThe Bitcoin scalability problem refers to the limited capability of the Bitcoin network to handle large amounts of transaction data on its platform in a short span of time.[26] It is related to the fact that records (known as blocks) in the Bitcoin blockchain are limited in size and frequency.[27]
Bitcoin's blocks contain the transactions on the bitcoin network.[28]: ch. 2 The on-chain transaction processing capacity of the bitcoin network is limited by the average block creation time of 10 minutes and the original block size limit of 1 megabyte. These jointly constrain the network's throughput. The transaction processing capacity maximum estimated using an average or median transaction size is between 3.3 and 7 transactions per second.[27] There are various proposed and activated solutions to address this issue.Privacy
editDeanonymisation of clients
editDeanonymisation is a strategy in data mining in which anonymous data is cross-referenced with other sources of data to re-identify the anonymous data source. Along with transaction graph analysis, which may reveal connections between bitcoin addresses (pseudonyms),[20][29] there is a possible attack[30] which links a user's pseudonym to its IP address. If the peer is using Tor, the attack includes a method to separate the peer from the Tor network, forcing them to use their real IP address for any further transactions. The cost of the attack on the full bitcoin network was estimated to be under €1500 per month, as of 2014.[30]
See also
editReferences
edit- ^ Hut, Moody (18 December 2023). "What is Blockchain Technology and How Does it Work".
- ^ a b c Nakamoto, Satoshi (24 May 2009). "Bitcoin: A Peer-to-Peer Electronic Cash System" (PDF). Archived from the original (PDF) on 4 July 2010. Retrieved 20 December 2012.
- ^ a b c d Barber, Simon; Boyen, Xavier; Shi, Elaine & Uzun, Ersin (2012). "Bitter to Better – how to make Bitcoin a better currency" (PDF). Financial Cryptography and Data Security. Lecture Notes in Computer Science. Vol. 7397. Springer Publishing. pp. 399–414. doi:10.1007/978-3-642-32946-3_29. ISBN 978-3-642-32945-6.
- ^ Sigalos, MacKenzie (15 June 2021). "China is kicking out more than half the world's bitcoin miners – and a whole lot of them could be headed to Texas". CNBC. Retrieved 5 December 2023.
- ^ "Cambridge Bitcoin Electricity Consumption Index (CBECI)". ccaf.io. Retrieved 5 December 2023.
- ^ "Bitcoin mania is hurting PC gamers by pushing up GPU prices". 30 January 2018. Archived from the original on 2 February 2018. Retrieved 2 February 2018.
- ^ "Cryptocurrency mining operation launched by Iron Bridge Resources". World Oil. 26 January 2018. Archived from the original on 30 January 2018.
- ^ "Bitcoin boom benefiting TSMC: report". Taipei Times. 4 January 2014.
- ^ Rosenfeld, Meni (17 November 2011). Analysis of Bitcoin Pooled Mining Reward Systems. arXiv:1112.4980. Bibcode:2011arXiv1112.4980R.
- ^ Huang, Jon; O'Neill, Claire; Tabuchi, Hiroko (3 September 2021). "Bitcoin Uses More Electricity Than Many Countries. How Is That Possible?". The New York Times. ISSN 0362-4331. Archived from the original on 17 February 2023. Retrieved 1 February 2022.
- ^ a b de Vries, Alex; Stoll, Christian (December 2021). "Bitcoin's growing e-waste problem". Resources, Conservation and Recycling. 175: 105901. Bibcode:2021RCR...17505901D. doi:10.1016/j.resconrec.2021.105901. ISSN 0921-3449. S2CID 240585651. Archived from the original on 23 November 2021. Retrieved 6 October 2022.
- ^ Lal, Apoorv; Zhu, Jesse; You, Fengqi (13 November 2023). "From Mining to Mitigation: How Bitcoin Can Support Renewable Energy Development and Climate Action". ACS Sustainable Chemistry & Engineering. 11 (45): 16330–16340. doi:10.1021/acssuschemeng.3c05445. ISSN 2168-0485. S2CID 264574360. Archived from the original on 23 November 2023. Retrieved 23 November 2023.
- ^ Stoll, Christian; Klaaßen, Lena; Gallersdörfer, Ulrich; Neumüller, Alexander (June 2023). Climate Impacts of Bitcoin Mining in the U.S. (Report). Working Paper Series. MIT Center for Energy and Environmental Policy Research. Archived from the original on 18 November 2023. Retrieved 18 November 2023.
- ^ Macheel, Tanaya (20 April 2024). "The Bitcoin network completes the fourth-ever 'halving' of rewards to miners". CNBC. Retrieved 20 April 2024.
- ^ "So, Bitcoin Halving Is Done. What Happened and What's Next?". Investopedia. Retrieved 20 April 2024.
- ^ "Bitcoin Halving 2024: Why It Matters & What to Expect". 6 June 2023.
- ^ "Bitcoin is about to undergo another 'halving' event. Here's why that could send its price soaring".
- ^ Antonopoulos, Andreas M (1 July 2017). Mastering bitcoin: programming the open blockchain (2nd ed.). Sebastopol, California, USA: O'Reilly Media. p. 239. ISBN 978-1-4919-5438-6. OCLC 953432201.
- ^ a b Houy, N. (2016). "The Bitcoin Mining Game". Ledger. 1: 53–68. doi:10.5195/ledger.2016.13. Retrieved 14 January 2017.
- ^ a b Ron Dorit; Adi Shamir (2012). "Quantitative Analysis of the Full Bitcoin Transaction Graph" (PDF). Cryptology ePrint Archive. Retrieved 18 October 2012.
- ^ a b c Jerry Brito & Andrea Castillo (2013). "Bitcoin: A Primer for Policymakers" (PDF). Mercatus Center. George Mason University. Archived from the original (PDF) on 21 September 2013. Retrieved 22 October 2013.
- ^ Erik Bonadonna (29 March 2013). "Bitcoin and the Double-spending Problem". Cornell University. Retrieved 22 October 2014.
- ^ Karame, Ghassan O.; Androulaki, Elli; Capkun, Srdjan (2012). "Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin" (PDF). iacr.org. International Association for Cryptologic Research. Retrieved 22 October 2014.
- ^ Michael J. Casey; Paul Vigna (16 June 2014). "Short-Term Fixes To Avert "51% Attack"". Money Beat. Wall Street Journal. Retrieved 30 June 2014.
- ^ Bar-Zur, Roi; Abu-Hanna, Ameer; Eyal, Ittay; Tamar, Aviv (2023). 2023 IEEE Symposium on Security and Privacy (SP). IEEE Computer Society. doi:10.1109/SP46215.2023. ISBN 978-1-6654-9336-9. Retrieved 15 May 2023.
- ^ [The Limits to Blockchain? Scaling vs. Decentralization.] Social Science Research Network. Cybersecurity, Privacy & Networks eJournal. Accessed 21 April 2019.
- ^ a b Croman, Kyle; Eyal, Ittay (2016). "On Scaling Decentralized Blockchains" (PDF). Financial Cryptography and Data Security. Lecture Notes in Computer Science. Vol. 9604. pp. 106–125. doi:10.1007/978-3-662-53357-4_8. ISBN 978-3-662-53356-7. Retrieved 10 December 2017.
The maximum throughput is the maximum rate at which the blockchain can confirm transactions. Today, bitcoin's maximum throughput is 3.3–7 transactions/sec [1]. This number is constrained by the maximum block size and the inter-block time.
- ^ Antonopoulos, Andreas M. (April 2014). Mastering Bitcoin. Unlocking Digital Crypto-Currencies. O'Reilly Media. ISBN 978-1-4493-7404-4.
- ^ Reid, Fergal; Harrigan, Martin (2013). "An Analysis of Anonymity in the Bitcoin System". Security and Privacy in Social Networks. New York, NY. pp. 197–223. arXiv:1107.4524. doi:10.1007/978-1-4614-4139-7_10. ISBN 978-1-4614-4138-0.
{{cite book}}
: CS1 maint: location missing publisher (link) - ^ a b Biryukov, Alex; Khovratovich, Dmitry; Pustogarov, Ivan (2014). "Deanonymisation of clients in Bitcoin P2P network". ACM Conference on Computer and Communications Security. arXiv:1405.7418. Bibcode:2014arXiv1405.7418B. ISBN 9781450329576. Archived from the original on 22 May 2017. Retrieved 16 May 2017.
Works cited
edit- de Vries, Alex; Gallersdörfer, Ulrich; Klaaßen, Lena; Stoll, Christian (16 March 2022). "Revisiting Bitcoin's carbon footprint". Joule. 6 (3): 498–502. Bibcode:2022Joule...6..498D. doi:10.1016/j.joule.2022.02.005. ISSN 2542-4351. S2CID 247143939.