The document summarizes how Bitcoin works through a distributed network of computers (miners) that maintain a shared transaction ledger (blockchain). Miners use their computing power to validate transactions by solving complex puzzles and adding verified transactions to the blockchain. This process earns miners new bitcoins as a reward and incentive. The blockchain records all transactions in a permanent, transparent and decentralized way without relying on a central authority. The longest blockchain is considered proof of the sequence of transactions.
2. Bitcoin works by people publishing transactions to a
list in a public space
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 3 bitcoins But where did Paul get those
3 bitcoins?
Three transactions are
shown.
3. One transaction needs to refer to an earlier
transaction as the funding source
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 3 bitcoins
Use the bitcoins I (Paul) got
from Kent to pay Judy.
4. Similarly, Kent needs to indicate where he got those
8 bitcoins from
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 3 bitcoins
XXX pays Kent 3 bitcoins
...
5. How can others know if it is really Paul who
published that transaction?
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 3 bitcoins
Could someone else such as
Judy publish this transaction,
essentially robbing Paul?
6. Each person has a secret password, which can be
used to sign the transaction
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 3 bitcoins
Paul This is a signature generated
by Paul using his password.
Kent This is a signature generated
by Kent using his password.
7. But there are many people named Paul in the world
This person is identified as 967276 on
the bitcoin network. That's all people
know about him. This code is special
because it can check his signatures.
Hi everyone, my unique
code is 967276. You can
use this code to check my
signatures.
My secret
password is
123456. I will
tell nobody.
8. What if Paul only wants to pay Judy 2 bitcoins?
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 2 bitcoins and
1 bitcoin to Paul
9. Judy later can pay someone else 1 bitcoin and keep
1 bitcoin herself
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 2 bitcoins and
Paul 1 bitcoin
Judy pays Emma 1 bitcoin
and Judy 1 bitcoin
Specifically points to here instead of the
whole transaction.
10. What if Paul tries to pay the same coins twice? This
is called double spending
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 2 bitcoins and
Paul 1 bitcoin
Paul pays Paul 3 bitcoins
Paul buys some goods from
Judy so he pays her.
Paul magically gets back
his money.
11. If the data is stored in a central server, it should
reject such a transaction
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 2 bitcoins and
Paul 1 bitcoin
Paul pays Paul
3 bitcoins
A central server, like a bank for bitcoin.
Please accept
this transaction.
No, it is invalid!
Go away!
12. But what if the company running the server is
controlled or bribed by Paul?
Alan pays Jack 2 bitcoins
Kent pays Paul 3 bitcoins
Paul pays Judy 2 bitcoins and
Paul 1 bitcoin
Paul pays Paul
3 bitcoins
A central server, like a bank for bitcoin.
Please accept
this transaction.
OK!
Let's delete
this
transaction
too.
13. So, the "server" actually comprises of many small
computers run by anyone who wants to
A pool of computers
14. If most of them are honest & reject the transaction, it
will be rejected
A pool of computers
Paul pays Paul
3 bitcoins
Please accept
this transaction.
Most say: No, it
is invalid! Go
away!
15. How do these computers determine the acceptance?
Each participant may cast a vote
accept accept reject ... ...
16. But how to identify each participant to avoid voting
twice? Each participant may use his/her unique code
863235 225787 109477 ... ...
17. But a person can generate multiple unique codes,
each with its own password, pretending to be many
participants
863235 225787 109477 ... ...
Unique code Password
863235 ...
225787 ...
109477 ...
Hey, I can cast three votes!
18. Instead of using a unique code, each participant is
required to do some computing work to have a say
do
some
work ... ...
do
some
work
do
some
work
19. The work is like drawing a beautiful picture: it takes
quite some effort to do, but is easy to check
Draw a
beautif
ul
picture ... ...
Draw a
beautif
ul
picture
Draw a
beautif
ul
picture
20. When someone finishes drawing a picture that is
beautiful enough, it sends it & the transaction to
others You agree my picture is beautiful
enough? If so, accept the attached
transaction.
... ...
21. The more computing power one has, the more likely
he can find a beautiful picture
If this computer has 3 times the
computing power of the one to its left,
it has 3 times the chances at finding a
beautiful picture.
Even though this computer has less
chances, it can still beat the other one
at finding a beautiful picture first some
of the time. So this is not a
winner-takes-all game.
22. To accept a double-spent transaction, a hacker has
to control 51% or more of the total computing power
The hacker needs to control a huge
amount of computing power to do bad
things, as long as the other
participants are honest.
23. How to prevent the picture from being used again
and again?
Paul pays Judy 2 bitcoins and
Paul 1 bitcoin
The picture is somehow
integrated with the
transaction, so it is not
usable for any other
transactions.
24. How to prevent the picture from being stolen by
other participants on the network?
Paul pays Judy 2 bitcoins and
Paul 1 bitcoin
Unique code Password
863235 ...
225787 ...
109477 ...
The picture is somehow
integrated with the unique
code of the owner of the
computer that drew the
picture.
25. What if two computers on the network draw a
beautiful picture almost at the same time?
T1
T2
T3
T1
T2
T1
T2
T1
T2Please add
transaction
T3.
Please add
transaction
T4.
T4T1
T2
It should add
transaction
T3 or T4?
26. How to achieve a consensus?
T1
T2
T3
T1
T2
T1
T2
T1
T2Please add
transaction
T3.
Please add
transaction
T4.
T4T1
T2
It should add
transaction
T3 or T4?
27. The transaction sequence can branch, but the
meaning is uncertain
T1
T2
T3
T1
T2
T1
T2
T1
T2Please add
transaction
T3.
Please add
transaction
T4.
T4T1
T2
T1=>T2=>T3
or
T1=>T2=>T4
?
T3 T4
28. This branching may eventually spread to all the other
computers
T1
T2
T3 T4
T1
T2
T3 T4
T1
T2
T3 T4
Users shouldn't trust
T3 or T4 for now.
29. When the next transaction is added, the computer
can choose to append to T3 or T4
T1
T2
T3 T4
T1
T2
T3 T4
T1
T2
T3 T4
T5
If the computer chooses to append it to
T3, now the sequence T1-T2-T3-T5 is
the longest chain.
30. The bitcoin rule says the longest chain should be
trusted. If most users follow the rule, then it is the
truth
T1
T2
T3 T4
T1
T2
T3 T4
T1
T2
T3 T4
T5
31. The computer adding the next transaction will
choose to append it to longest chain
T1
T2
T3 T4
T1
T2
T3 T4
T1
T2
T3 T4
T5
T6
32. As the longest chain gets longer, it is increasingly
more difficult for T4 to overthrow T3
T1
T2
T3 T4
T5
T6
T7
If someone wants to let T4 overthrow T3, he
has to race against the rest of the
participants to quickly add T7, T8, T9 while
others are going to add to T6, which requires
a huge amount of computing power.
T8
T9
33. Each participant working to add transactions is
called a miner
T1
T2
T3 T4
T5
T6
miner 1 miner 2
34. For efficiency, miners group multiple transactions
into a block & add the block to the list (chain)
T1
T2
T3
T4
T5
T6
T7
T8
T9
35. Possible to have branches but the longest chain is
trusted
T1
T2
T3
T4
T5
T6
T7
T8
T9
36. Why would a miner want to do the hard work of
finding the picture? It gets paid
T1
T2
T3
T4
T5
T6
T7
T8
T9
T
Pays me (unique code:
3766567) 12.5 bitcoins.
Each block contains a special transaction
block saying that the miner gets paid by a
standard amount of bitcoins (currently 12.5
bitcoins). There is no payer. Only a payee.
T
T
37. Central idea: Trust no one but get something
extremely trustworthy
● If the majority of miners stick to the rules, the minority of bad people can't do
harm.
● Sticking to the rules has an incentive: If a minor doesn't stick to the rules, its
block will not be added to the longest chain by other honest miners and it
won't get paid.
● No need to rely on central authority such as the government or the bank.
● Crowd sourcing of trust!