There are four major factors that make up Bitcoin - money, decentralized network, Proof-of-Work, and time. We’ll explore each in this blog to understand the basics of what we’re going to be working with.
Bitcoin is money . In my humble opinion, this is the simplest and, at the same time, most precise definition of Bitcoin. Of course, there is much more beneath it as Bitcoin’s fundaments reach very deep into many different areas of science. There is cryptography, information science, computer science, probability, logic, economy, game theory, just to name a few. However, in the end we’re still looking at Bitcoin as money. In this book we will learn about Bitcoin mostly from its technological perspective by building concrete examples with Raspberry Pi 3, Pi 4, and Pi Zero, but nevertheless, we will also touch a few bits of its history and theory that underpin it.
At the very beginning, Bitcoin might appear as very complex, hard to grasp, maybe even a chaotic system, that’s seemingly trying to “reinvent the wheel”. In the end, we not only have money but too much of it, actually.
There are hundreds of different monies out there. And most of them are digital as well. These days we’re more and more using credit cards or online payment systems like PayPal than the old-fashioned paper cash. And even companies are now trying to establish their own cash, like Facebook with its Libra currency. The road toward a cashless society is nothing exceptional anymore but merely a question of time.1 Therefore, a legitimate question would be: Why do we need Bitcoin at all?
For this question to be answered, we’d have to define money first. However, not being an economist, I must consider myself unable to fulfill this task completely and will therefore give a simplified definition by stating that money is a concept rooted in human practice that functions as medium of exchange, store of value, and unit of account. In general, the task of acting as money could be fulfilled by any medium that’s able to fulfill the aforementioned requirements. There is no definition of what the nature of this medium should be nor that it has to be a physical thing, but only how it should behave. Therefore, anything that can serve us to
- Pay for something (medium of exchange)
- Save value for future consumption (store of value)
- Calculate price of something (unit of account)
could be considered money. In fact, throughout history human cultures have developed and used various media for these purposes, for example, seashells, beads, necklaces, and even giant stones. But all these different monies have one thing in common: they’re scarce. This is what makes them valuable and generally acceptable as money.
The fact that one can’t that easily create new money out of thin air assigns each “coin” its value. The scarcity can be achieved by different means, for example, the fact that gold is rare, because there is only so much of it within Earth’s crust, or that it’s exceptionally hard to create giant stones from Yap. We can say that the harder it gets to produce something, it’s value would be higher. Our modern paper cash too is very hard to produce. Just try to count all the counterfeit symbols on a single note. Bitcoin in this case is no different, as there will be only 21,000,000 of bitcoins in existence. The single unit, bitcoin, written in small caps to differentiate it from the underlying protocol, is limited to this number, and its production is getting smaller every 4 years. In an event called “The Halving”, the production of bitcoins drops by 50% thus decreasing their emission. Currently, it’s at 12.5 bitcoins per block, but in May 2020, it will drop to 6.25 bitcoins.
However, being practically oriented we instinctively know that today’s monies or, more general, monetary systems , don’t quite exactly fulfill all those requirements. Especially not when it comes to scarcity. The prices rise continuously, in some countries at a staggering rate, which leaves us with the question, why did the value of money drop? According to our previous theory, our money should have been scarce enough to maintain its value. This negative effect is what we call inflation, although I’d rather call it price inflation to separate it from the money inflation, but this is a separate topic that fills whole libraries, and not even economists agree on it.
In any case the result is the same: what we have saved today will be, more often than not, much less worth when our children have inherited it from us. The sad reality is that one of the three properties of money can’t be maintained with today’s monetary systems. Our money is simply not a very good store of value. Also, every now and then, those who are in power will decide that our money should be used for purposes contrary to our individual plans. Bank bail outs and even bail ins like in Cyprus 2013 are not impossible anymore. The global crisis of 2008 is yet another topic that easily fills libraries. I could continue with even more drastic examples, but these few lines alone should be sufficient to recognize that our today’s money doesn’t function the way we’d expect it to be. It loses its value, and someone else can take it from us against our will. Money that works the same way in practice, as it’s been defined in theory, is hard to find. Of course, there is a certain group of people, often called “gold bugs”, who are praising the advantages of gold as being non-inflatable and therefore an ideal store of value, but as we will see later, gold itself has certain inherent problems so that it could never compete with let alone outperform Bitcoin. Bitcoin is money that fulfills the three requirements, because
- Its supply is predictable and limited to 21 million bitcoins.
- Its inflation rate is predefined. Currently, it’s 12.5 bitcoins per generated block. This rate halves every 4 years, with the next halving that’ll happen in May 2020.
- It’s not controlled by anyone. That is, it is decentralized, as it has no intermediaries like banks or clearance houses. Nobody can change it, or take it from you, because of some political or strategic concerns.
- Everyone can use Bitcoin without permission. You don’t even have to be human to participate. Any device could send and receive bitcoins just like its human counterparts, or cats, or dogs, etc.
- Its properties can only be changed when a supermajority of participating nodes agrees on a particular change. And this is an extremely hard process.
Consensus Rules of Bitcoin
These rules with all their technical details are what’s being called the Consensus Rules , which is what every participating Bitcoin node strictly follows. The Consensus Rules are basically code every participating node executes, which then helps them reach the Emergent Consensus on the current state of Bitcoin’s blockchain. Although the rules hardwired in code get executed by every single node separately, they’ll ultimately reach a Consensus on the current state of the decentralized network. It is important to differentiate between those two: the code inside a node and the finding of the consensus between participating nodes. The fact that nodes execute certain code part doesn’t mean they’ll blindly reach some predefined consensus, but moreover will have to find it out, for every block to be included in the blockchain.
We say that the Consensus emerges as result of the communication between nodes. Every 10 minutes, which is roughly the time needed to generate a new block, all participating nodes will react to data they’ve received from one another and ultimately find a Consensus that will be applied on this very block. And as soon as they’ve agreed on it, the game will start anew, because a new block will be generated, thus putting the nodes in the same state as before: they’ll have to find consensus again. Such a strategy is needed to solve a decades-old problem called the Byzantine Generals’ Problem.
This problem deals with the question how nodes can agree on valid states in decentralized networks, where those can get damaged, behave maliciously, or simply be unreachable at certain points in time. One obvious solution would be to simply install some kind of “coordinating node”, where all other nodes would have to register themselves, but in case of Bitcoin, this is impossible, as it explicitly prevents centralization, censorship, and trusted third parties. A solution like a “registry of nodes” would make Bitcoin end up being just another variant of PayPal or Visa. In Bitcoin there are no governing bodies of any kind. Or as one can often hear in Bitcoin circles, there are only Rules without Rulers.
With this we mean the encoded Consensus Rules running in every node. This fact makes Bitcoin resistant to external changes, which also makes it mathematically predictable in the future. Unlike our today’s money, we exactly know how many bitcoins have been generated so far and how many will be generated in the future. We can easily calculate future Halvings and how long it’ll take until the last bitcoin has been mined (it’ll be in the year 2140).
If we take a medium that is resistant to sudden changes, that is, predictable and not controlled by anyone, that can’t be changed because of some “important reasons”, we easily recognize that these properties constitute qualities any medium must have to function as money according to our definition from the beginning. Therefore, Bitcoin is money. Or to distinguish it from the money we use today, Bitcoin is hard money. Given the fact that Bitcoin can’t be found in nature, or touched, or smelled, the attribute hard might sound like an exaggeration. However, as the human progress continues, we will not only be continuously updating all the many devices and software around us but also our shared mental models and concepts. One of them is the understanding of what money is and what should constitute it. Thinking about it is a necessary prerequisite to understand Bitcoin in general, because taking only the technical perspective will make it look like yet another network or funny nerd money with questionable use cases (and sometimes also users).
Changing Our Mental Model of Money
Just like our perception of gold, paper money, and credit cards have changed over time, we will change our definitions of monetary systems of the future, switching from centralized networks with banks and other governing bodies, who decide who can participate and on what terms, to more decentralized alternatives, where your money is your money alone and can neither be seized nor its value diminished because of external factors. Censorship resistance will become an integral part of every successful monetary system.
It takes some time to grasp the profound changes and to accept that they affect us all at an individual level, but the earlier we begin to face some of our comfortable truths and start updating our shared concepts, the more likely we will have prepared ourselves to become independent actors in the paradigms to come and not remain mere spectators. Just like today when having a smartphone is considered a necessity, our successors will consider running a Bitcoin Node a necessity.
It will be hard for them to believe that once we had to use banks. Not to mention those funny “pausing of banking activities” on weekends, because banks were closed back then. The transition toward the new monetary system won’t be easy or quick, as there never was any profound change without resistance and necessary learning processes, but the change is already there. Currently, it’s mostly attracting early adopters, the usual idealists, and also a fair share of speculators. But just like WWW began as a project for specialists working in high-energy physics, Bitcoin is a project that began in an obscure mailing list for cryptographers and idealists from the Cypherpunk movement. Who could have imagined back then that it’d become a multibillion industry one day?
Bitcoin operates an open-source, permissionless, borderless, decentralized, censorship-resistant peer-to-peer network. Tens of thousands of nodes, many of them so-called full nodes , that contain the whole transaction index since its beginning in 2009 participate in validation and dissemination of transactions. Network participants create transactions, which very often simply transfer ownership of bitcoins from one party to another. As every transaction needs to be validated, before it can become part of a block, nodes are busy with sending and receiving them throughout the network. And roughly every 10 minutes, some of those transactions will get included in the next candidate block that was generated by nodes who are not only validating transactions but also creating new blocks.
These specialized nodes are what we call miners, because they’re continuously generating special numbers, called hashes, at an extremely high rate. Those mining nodes collect incoming transactions and bundle them together in candidate blocks. Each time a miner creates a candidate block, it pushes them as fast as it can throughout the network so that other nodes can validate it. The success of validation depends on several factors. One of them is the existence of the aforementioned hash value, which must be of certain form.
This is how a block comes into existence. A node creates a transaction, which gets validated by other nodes. And then there are certain nodes that are creating blocks, which will contain this transaction as well. Bitcoin’s network is home to various kinds of nodes, for example, miners, validating nodes (Full Nodes) and mobile nodes (SPV wallets), but all of them obey the same rules, the Consensus, thus making all participants just that: nodes. The Bitcoin protocol only knows nodes. There is no explicit handling of individual specialization of nodes, like the aforementioned mining functionality.
Being a decentralized network that serves for value transaction and ownership is opening several questions:
- How does the money, bitcoins, come into existence in such a network?
- If Bitcoin has no governing body, like a bank, then how is anyone supposed to transact money or own it in the first place?
- If nobody is taking care of money supply, how do we prevent the double-spending problem, that is, how do we make sure that money spent once cannot be spent again by the same party?
In our daily experience, we know where the money is coming from and who takes care of preventing double spends. In the beginning, a state and its agencies like central banks are issuing currencies. This money then is being forwarded to local banks, which use them to interact with businesses and individuals. They take care of every single transaction by utilizing digital ledgers, which trace all monetary in- and outflows. This method hasn’t changed for centuries. The only innovation is that instead of physical ledgers as shown in Figure 1, nowadays computerized systems take care of transactions.
Figure 1 Entries in a physical ledger
Each time an individual or company takes a loan or deposits funds to an account, certain entries will be made or updated by a bank. Therefore, we don’t have to do any bookkeeping on our own, as there is an authority doing the necessary checks. But Bitcoin, being a permissionless, decentralized system, has no such authority at all.
However, Bitcoin has its own ledger too, also called the Blockchain , that gets replicated in every participating node. More precisely, Bitcoin’s blockchain is a “public” one, because anyone can participate in the process without asking for permission. Each time a new entry has to be inserted into the blockchain, all participating nodes will include this change into their own copies as well. From this perspective, sending money with Bitcoin looks no different than sending money via bank, or PayPal, or by using a credit card. Someone sent a certain amount of money, that is, created a transaction, and our distributed, or better, replicated, ledger got updated accordingly. What previously belonged to the sender now belongs to its recipient.
But unlike traditional ledgers, Bitcoin as a network automatically takes care of every transaction, because all participating nodes follow the same set of rules. Not having a central authority doesn’t mean that Bitcoin has no rules or can’t enforce them. Moreover, the same rules are found in every node and only when all of them have agreed upon a transaction will it be accepted as valid and can become part of a future block. Unlike traditional systems, where the power to decide is concentrated in a particular center, be it a person or a governing body, the rules of Bitcoin are located in every node, thus making any kind of authority or trusted intermediary unnecessary. Bitcoin’s authority is decentralized and automatic. The network is its own authority. However, merely agreeing on inclusion of transactions isn’t enough to properly answer questions from above. The double-spend problem is still with us, and we still don’t know how the bitcoins get created in the first place. Spending bitcoins can only happen if we know how to create them . This is the point where we have to introduce another term: Proof-of-Work.
Being a decentralized network of nodes who don’t care about each other and can join and leave the network at will, there is a problem with introduction of new blocks and bitcoins. Why should a node include any block into its own blockchain copy? The question of validity of blocks goes hand in hand with the question of creation and ownership of bitcoins. Creation and validation of blocks must always lead to global consensus among all participating nodes to keep the network together. However, there is one important difference: while validation is very fast and inexpensive, the creation of blocks is extremely costly and requires vast amounts of energy to be spent for mathematical calculations, that produce hash values which must be included in each block. To check a block for its validity is a matter of milliseconds, but to create it needs minutes and great amounts of electricity. This is due to the mathematical nature of those hash values, which make any shortcuts in calculation impossible. The hash function used in Bitcoin is called SHA-256. Hash functions are often being used to generate tamperproof fingerprints of other data, because it’s very easy to generate a hash of data, for example, a book text. Good hashing functions are collision-free , that is, they don’t produce the same hash for different input data. However, being currently collision-free doesn’t mean that a hashing function will always return unique hashes. It simply states that until now nobody has found a mathematical method to successfully generate a collision.
We can use such functions to test the integrity of data, for example, to check if a copy of a document sent via e-mail represents the original. A hashing function would process this document as its input data and based on it generate a digest value, which functions as the fingerprint of data in question. One could later compare the hash of the original document with the hash of the copy. Even a slightly changed input value would lead to a drastically different fingerprint. This property is being used in Bitcoin to create blocks that have their own unique fingerprints, thus making them very easy to validate, because any later change, no matter how small, would immediately generate a completely different hash. This technique renders any manipulation attempts futile. This property is also being used by miners to search for the expected hash value, or target. As the contents of the block header comprise of data that can’t be changed, like the hash value of the previous block, there must be a way to generate the expected hash values without invalidating already existing data.
To achieve this, miners use so-called Nonce values as shown in Figure 2, which can be changed, because they’ll later also serve as input values for block validation. As the process of finding expected hashes is following the simple trial-and-error approach, as there are no known optimization techniques, the only option miners have is to keep on changing the Nonce until they’ve found a hash value that is smaller as the expected target, which is reflected in the number of leading zeroes.
Figure 2 Calculating Nonces to be included in the block header
Imagine a miner who’s continuously increasing the Nonce value, until it finds the target. As soon as this happens, the miner would create a block that contains a certain number of transactions plus the block header together with the Nonce and subsequently send it on its way throughout the network. The receiving nodes would read the block header, get the Nonce, and simply execute the same hashing function but this time without having to go through the ordeal of finding it as they’d only have to recalculate the hash value and compare its structure with the expected target. If the hash starts with the expected number of leading zeroes, the block will be accepted and included in the chain. To understand this operation better, let us examine the contents of a block.
Every Bitcoin block comprises of two parts: a list of transactions and a header. For now, we will focus on the block header and come back later to transactions when we meet Bitcoin’s scripting language. As shown in Figure 3, a block header comprises of these parts:
- Block version.
- Hash value of the previous block.
- Hash value of the Merkle Tree, which uniquely represents all transactions in this block by combining them into a tree of hashes. Any change in any of the transactions would lead to a different Merkle Tree.
- Block creation timestamp.
- Expected target.
Figure 3 Bitcoin block structure
These values will be used to produce a hash for the upcoming block. A miner would take all available values to feed the SHA-256 function and check if the result is smaller than given target. If it isn’t, it would then increase the Nonce and try again, until either the value reflects the expected target or some other mining device has found a solution in the meantime. In this case, the “losing” miners would accept the new block by updating their own blockchain copies, throw away their own unsuccessful candidate blocks, and the race would start anew.
When we look at the structure from Figure 3, we recognize that Bitcoin’s blockchain is a back-linked list of blocks . The data of a previous block header gets hashed and becomes one of the entries in its succeeding block header and so on. This in turn means that if you change anything in one block, you indirectly change all entries in all of the following blocks.
This is how Bitcoin prevents manipulations, because regardless which of the previous blocks got manipulated, for example, by changing the amounts of bitcoins spent, the immediate reaction would be a drastically changed block header hash value, which would affect its successor’s block hash value. Any change would literally provoke a chain reaction. This is how Bitcoin solves the double-spend problem.
By using transactions and block hashes as input values for one-way functions, Bitcoin creates a structure, called the blockchain, that gets replicated over tens of thousands of nodes that validate all transactions and blocks. And just like block headers get hashed, the same happens to transactions as well. By using a mathematical structure called Merkle Tree (Figure 4), we create pairwise hashes of transactions. Those values then become new pairs in the upper levels of the structure, until there are no more pairs left.
Figure 4 Merkle Tree of hash values
In case when blocks contain odd numbers of transactions, remaining transaction hashes get duplicated to balance out the structure. The final hash at the top then gets included in the block header, thus making transactions immutable. Any change in the transaction list would affect the Merkle Tree as a whole. This of course would also invalidate the block header and the block as well. Again, this technique makes any subsequent changes practically impossible, because miners that want to include such blocks would have to expend excessive amounts of energy not only for direct block manipulation but also to manipulate their predecessors and ancestors. The fact that it is extremely expensive to change already included data in Bitcoin’s blockchain is one of the reasons that make it so valuable. The strength of Bitcoin isn’t that it’s needed to expend vast amounts of energy to create new blocks, but that one would have to expend even higher amounts of energy to change data already included in the blockchain.
A coin spent once can’t be spent again, because changing the past in Bitcoin is not only mathematically challenging but also extremely costly. To change transactions in a single block, the attackers would have to have at least 51% of the overall network hash rate, which means gigawatts of electricity, and even if they were successful, they’d have to maintain the manipulation for at least six more blocks, because in Bitcoin a transaction is only then accepted as settled after six blocks have been generated and included in the blockcain after it. Bitcoin’s defense is not only based on mathematics but also deeply rooted in the constraints of the real world. Bitcoin doesn’t exist in a vacuum, as there are many participants with very often different goals.
Exchanges, for example, would reject coins coming from manipulated, that is, invalid, blocks, just like most of the individual investors would reject them as well. Trying to manipulate a single entry in Bitcoin’s blockchain would provoke an immediate reaction of various participants. And there is no way to force others to accept those blocks and transactions.
Now the question is whether a miner should expend energy for attacking the network, which would fail anyway, or rather participate in the racing game to actually get rewarded by solving puzzles. The incentive structure of Bitcoin renders manipulative acts useless not only by making them costly but also by offering lucrative alternatives.
Figures 5 and 6 show the difference in the expected difficulty for the very first block and block 500,000.
Figure 5 Bitcoin’s Genesis Block
Figure 6 Bitcoin block no. 500,000
Creating blocks in Bitcoin is a racing game of highly specialized machines, which do nothing else, but crunching values with the ultimate goal of being the first one, who solved the current puzzle. The more mining nodes join the network, the harder to solve the puzzles it gets as the difficulty algorithm adapts automatically to the hash rate of mining devices. The more hash power in being thrown into the game, the harder to solve the puzzles get. This racing game is ongoing since January 3, 2009, when the anonymous Bitcoin creator, Satoshi Nakamoto, started the first Bitcoin nodes that produced initial blocks.
And as every subsequent block is hardwired to its predecessor, the result is an immutable chain of blocks that is reaching back to its root, the Genesis Block.
As roughly every 10 minutes a new block gets created, this also means that each time a new block got included in the blockchain, the racing game starts anew. To participate in this extremely competitive business means that each time one of your competitors solves the puzzle first, you’ve expended electricity without having received any reward. However, the more machines participate in the Bitcoin network, the more secure it gets, because the chance of manipulation is getting lower with every additional CPU cycle invested.
Every mining node is trying to be the first one that solved the puzzle, because it will make them eligible to write a special, and always the first transaction in the upcoming block. This special transaction, also called coinbase , contains the amount of newly generated bitcoins and the address of their recipient: the miner’s own address. A block can contain many transactions, but the first one created contains the current bitcoin reward for the miner of this block. This is how miners get paid in the Bitcoin network and also how bitcoins come into existence in the first place. But block rewards aren’t the only way to pay miners for their services. As miners usually don’t generate empty blocks, but actually include many transactions, those who send them will have to include a properly calculated fee, which then will be collected by miners. Of course, transactions with higher fees will be likely processed faster, while those including lower fees will have to wait a bit longer.
The combination of Proof-of-Work, block rewards, and transaction fees is how miners get incentivized to participate in this highly expensive racing game without trying to manipulate the blockchain. Without rewards there would be much less mining activity in the network, thus making its security much weaker as the few participating miners could reorganize the network at will. The more expensive the racing game gets, the harder it becomes to take over the network.
Imagine a small network with only a hundred mining nodes based on off-the-shelf computers with standard x64Bit CPUs. Powerful competitors with only a few computers running specialized graphic cards for mathematical calculations could easily become the fastest runners, thus preventing other mining nodes from generating any of the future blocks. If they keep on generating the majority of blocks, they could also become powerful enough to decide what can become part of any upcoming block. Such miners could, for example, reject certain transactions, for whatever reason. They could only include transactions that pay a certain fee for example. In short, a network like that would become centralized and not that much different from any other legacy payment system, where regulators can decide which transaction is valid and which is not.
To prevent problems like these, the Bitcoin network reacts to changes in the overall computation power by increasing the hardness of the puzzle itself. Roughly every 2 weeks, which equals 2016 blocks, the difficulty algorithm gets readjusted to keep the average time needed to provide a solution at 10 minutes. Therefore, the more miners join the network, the harder it gets to solve the puzzle. Basically, the number of leading zeroes in future hash values increases, that is, the expected target value gets smaller. This in turn increases the demand for new hardware to stay competitive in this vicious race, which in turn has an effect on the price level of Bitcoin.
It’s a cycle where the price of Bitcoin is determined by the energy consumed to create bitcoins, which itself increases the incentive to participate and stay as miner in the network in the first place. These of course aren’t the only participants in the network, as merely mining blocks would be pretty much useless, if there was no one willing to actually use them. Also, the mining itself isn’t enough to keep the network secure as we need other actors who will take care of “reminding” miners to follow the predefined Consensus Rules.
This is the task not only of other mining nodes, who compete against each other anyway, but also of non-mining nodes, who don’t participate in mining at all. Every Full Bitcoin Node, that is, a node that contains the whole history of transactions generated since the creation of the Genesis Block, is contributing to the overall security of the Bitcoin network by validating blocks produced by miners. By running a Full Node, like the ones we will be building throughout this book, you don’t have to trust or rely on anyone as the Consensus Rules embedded in your node would automatically reject any nonstandard transactions and blocks.
If you are now asking yourself how a small Raspberry Pi Node could ever force a powerful miner to follow the Consensus Rules, imagine a situation where a miner deliberately creates a block inlcuding a coinbase transaction that assigns him 1000 bitcoins. As we already know, in a decentralized network like Bitcoin’s, the newly created block must be validated and accepted by the majority of nodes to become part of the blockchain, which in turn confirms the ownership of bitcoins and transaction fees assigned.
Being incentivized by Proof-of-Work and promised bitcoins from coinbases and transaction fees, all miners have an economic interest that the majority of Full Nodes accepts their blocks. However, there is no way for miners to force other nodes to accept a block, like the one with 1000 bitcoins in its coinbase transaction. Every node executes only its own code, and if the embedded Consensus Rules say that a block is invalid, then there is no way to make it valid by any means. Creating nonstandard blocks ultimately leads to rejection by Full Nodes and also to enormous electricity costs, because such miners would be paying money for mining blocks that nobody wants. This too is one of the security measures embedded in Bitcoin’s ecosystem.
Bitcoin maintains a carefully aligned system of rewards, incentives, and punishments, that keeps all parties working together, although every participant actually only works for itself. In Bitcoin, every node can join and leave at will, but if a node wants to continue participating in the network, it must follow the Consensus Rules, because there is nothing else that could be done without other nodes noticing it. Any manipulation by any party would be rejected by the network, which ultimately leads to one or another kind of loss in physical space. This too is what makes Bitcoin so valuable in “real life”, because people have to expend money, energy, and time to participate in it. The time factor, however, plays another, very significant role. Although the focus on mining and validating blocks constitutes a valid approach in understanding the complexity and different factors in Bitcoin’s network, the time itself is what actually makes the whole ecosystem “tick”.
Without time the network would neither be able to create blocks nor to execute transaction scripts. It would simply not be able to come into existence and maintain its structure. As Bitcoin is completely decentralized and doesn’t rely on any trusted 3rd parties, and even the most precise atomic clocks would constitute such parties, the question is: How does the network know what happened at which time? To generate a block by finding the needed target is a question of expended energy and processing power. To put transactions and blocks in order is but a question of time, because without time there would be no order at all.
And without order Bitcoin wouldn’t be able to locate and validate anything. If my node says that it owns 10 bitcoins, then other nodes must somehow be able to validate that indeed at some point in time, my node participated in a transaction that gave it 10 bitcoins. Therefore, the most important function and the real reason why Proof-of-Work exists is to associate events with points in time. Receiving bitcoins, sending them, generating blocks, creating transactions, and so on are all events. But those must be ordered must be associated with some point in time, because without it, there would be no way to prove ownership of coins, not even a way to create them in the first place. The last part of this blog therefore is dedicated for exploration of the time component in Bitcoin.
Nothing can exist without order, and Bitcoin’s blockchain is no exception. In fact, even if Bitcoin didn’t have a blockchain, but instead used a NoSQL database like MongoDB, for example, we’d still have to deal with questions like “when did this transaction happen?”, or “when did address X receive those Y bitcoins?”. Blocks must be ordered in a meaningful way, according to a time factor, to be able to answer such questions. But how are we supposed to create any order in a decentralized network that could never ask anyone “what time it is”? When any node can join and leave the network anytime, there is a problem of communicating the changes between nodes, and time is one of those changes.
Dealing with a system that’s trustless by design, we also encounter the problem that no node is required to trust anything, not even time data. The blockchain, due to its nature as a closed system, can’t use external tools like clocks or timestamp servers, which could tell it what time it is. As there is no way to ensure that all participants have received the same information at the same time, any clock, no matter how precise, would be simply useless. This would simply go against Bitcoin’s design as decentralized network, because it would need some kind of controller that’s taking care of delivering the same information to all participants without any delays or changes.
But because a blockchain relies upon a collective of independent entities, there is a problem of having the globally available knowledge of time. Therefore, our main question is, how can we create a notion of time in a decentralized network? Or, more general, is there a way to create a decentralized timestamp server? Surprisingly, the answer is the blockchain itself is a decentralized, distributed timestamp server and its Proof-of-Work mechanism is actually the solution for getting a proper notion of time. Simply spoken, a blockchain is a clock. Not a typical clock though, but still, it has its own concept of time. The advantages Proof-of-Work provides, like securing the blockchain, keeping it immutable, keeping it at a 10-minute block creation time, and incentivizing miners are extremely important of course, but these wouldn’t be possible if there was no time embedded in the blockchain itself. Without time the questions of security or immutability wouldn’t exist at all as there would be no possibility to create anything of value in the first place. If we look into Bitcoin’s white paper, we find the entry shown in Figure 7 in the first page.
Figure 7 Bitcoin white paper mentioning the timestamp server
The solution to the double-spend problem we already talked about is a timestamp server that generates proofs, which are ordered chronologically. To get anything of value in Bitcoin demands preventing double spends without exception.
And to double spend something implies the ability of going back in time and executing the same action again, or even multiple times, because without a notion of time, one could “replay” the same action over and over again. To prevent such actions, Bitcoin implements its own timestamp server solution, the blockchain. And because the blockchain defines and controls its own notion of time, there is no way for anyone to take control of it, that is, to redefine timestamps or even make some of them disappear. The time, as defined by the Bitcoin protocol, is locked within the blockchain, as it’s become an integral part of it. If we look into an early version of Satoshi’s Bitcoin source code as shown in Figure 8, we can find this comment:
Figure 8 Snippet from main.cpp from the original Bitcoin Client source code
It isn’t needed to understand the whole C++ source code, just the line following the highlighted one. We see a vector or blocks, which is a term borrowed from mathematics, that means an array of blocks. Instinctively, we’d understand such an array as something physical, like a real chain of tangible blocks, put one after another. But, if we instead substitute physical space with time, we recognize the real meaning of the word “timechain” mentioned in the highlighted comment. These blocks aren’t ordered in space but in time. Instead of counting blocks like block at position 1, block at position 2, block at position 3, etc. we could say tick 1, tick 2, tick 3, etc. And to make those blocks become an orderly line of ticks, we wire them together by using their individual hashes as integral parts of all block headers.
As the blockchain is a clock that’s producing ticks, which exist independently from each other, we need hash values to put them in order. Therefore, each block-tick will at some point in time become the input value for the hashing function that will include its result into the header of the next block-tick. A blockchain contains time particles, which can be used to estimate if and when an event did happen. A transaction between two parties, for example, becomes an event that can be positioned in an orderly line of ticks. This constitutes the expected order of things so that we know, for example, how many bitcoins one has, when someone did spend them, when someone received them, and so on. The Bitcoin white paper itself actually never uses the term blockchain, which also gives us a hint that the correct emphasis should be put on time and not on space or blocks.
The blockchain, being a clock, allows participating nodes to work on creation and validation of blocks without ever communicating with each other, except when a solution has been found. Every node can work for itself, as long as it wants, without ever informing others what it is doing right now. The only thing they need to have in common is the same notion of time, because each time a node finds a solution by using the SHA-256 function, it will communicate it throughout the network, and every other node will then validate it by using its own copy of the blockchain (timechain) to reach a decentralized decision, the Emergent Consensus . A possible solution offered by a mining node must be validated by other nodes which (hopefully) use the same blockchain as the one that just sent the candidate block. Therefore, it’s in the interest of every node that it works on the same blockchain or, in this case, that it knows what time is.
The validation of solutions is basically a procedure that decides if a block should become the next tick. The time periods between blocks, which are on average 10 minutes as seen from our time perspective, are not known in Bitcoin. There is no time between two blocks that’s visible in Bitcoin’s network. It’s not possible to ask the network what happened between two blocks. The only moment something could happen is when a block got included in the blockchain. There are no “gaps” in Bitcoin.
The question that now arises is, how do the participating nodes actually coordinate without communicating? If every node works for itself, the question of coordination becomes extremely critical. Without some kind of coordination, mining nodes could never be sure that their blocks have indeed been accepted by other nodes, and no single node could ever be sure that it has really validated every block from the correct chain.
The solution for this paradox lies in certain properties of the SHA-256 function. The SHA-256 function is memoryless and progress-free. These two terms come from statistics and mathematics (Probability). A function is memoryless, when future results are independent from past results. For example, when we’re throwing a six-sided dice multiple times, the probability of getting a 6 is still 1/6, no matter how often we’ve tried it before. The statistical probability remains the same. The same applies for SHA-256 as generated results have no influence over future results. No matter how long a miner has been mining so far, any other miner has the same chance of getting the correct solution. It plays no role if a miner joined the network right now or has been mining for years. The only way to increase the probability of finding the Nonce is the hash rate miner provides. The higher it gets, the higher the probability of finding the Nonce will become.
Another aspect of the SHA-256 function is the fact that its input set, which means all numerical values one could feed into it, is known in advance. It’s an integer value in range between 0 and 2256. Although extremely large, in fact larger than the number of atoms in the known universe, we can still say that every participating node would be able to find out whether a hash value is valid. And if the input set is known and there are no collisions, then the output set is known as well.
Every node that participates in Bitcoin’s network already has the same set of possible values at its disposal and could anytime check, if a value produced by using a Nonce is indeed below a given target. This in turn also means that every node will only be able to find a value within this set, regardless which of the possible input values it took. This seemingly paradoxical property is what makes finding of hash values so hard and at the same time so easy to prove. Every node knows that a solution is guaranteed to be within the possible set of values of SHA-256, but because of its memorylessness , there is no shortcut to find it. This in turn makes it progress-free , because no matter how often a node has tried in the past to find a solution, each new step has the same chance as any other. A node could never increase its probability of finding solutions based on how long it has been working so far. A node that just joined the network has the same chance, because they all work within the same numerical space that’s not giving them any shortcuts.
The problem is not if there is a solution or not but how to find it as quickly as possible. And the only known “optimal” way to find a solution with SHA-256 is by trying every possible Nonce, one by one, also called the Brute-Force method. This of course is anything but performant, and that’s what makes Bitcoin’s Proof-of-Work so expensive. And it also allows to have an indefinite number of working nodes without demanding any kind of communication or coordination between them.
No matter where they are in space, the difficulty remains the same for every node. The only task they should do in public is sending the solution, if they want it. Even if we would be operating a “private mining node” that, for whatever reason, never publishes its Nonces, the aforementioned memorylessness of SHA-256 would keep the finding of future values still progress-free. Therefore, every node that joins the network, no matter for how long, affects the process of finding the valid solution for the current target. And as every node knows exactly what the current difficulty is, the range of possible solutions within the SHA-256 result space is the same for each of them. The difficulty is what drives this clock, as it keeps the velocity of solution finding at a constant rate, for every node, regardless of past results. Each time a node finds a Nonce and thus creates a new block, the blockchain knows that it happened exactly at this point in time. The only additional step needed is wiring up those blocks together by using their headers as input values for the hashing function. Bitcoin’s blockchain gives us the exact time, which we then use to create an orderly line of back-linked blocks.
In this article we have learned the theoretical fundaments of Bitcoin. Having many faces, Bitcoin is fascinating but also too complex to understand at once. Its usage as money is the most prominent but also the only aspect that doesn’t expect any deeper knowledge to start with, at least on a very basic level. From our daily experience with different monetary systems, we instinctively understand what the purpose of Bitcoin as money should be. However, being a truly digital cash, without touching the non-digital world, Bitcoin is hard to understand as technology, that has profound influence on our perception of it but also what money could be or, maybe even, should be. Being scarce, censorship-resistant, bordereless, premissionless, open source, and trustless, this new kind of money is lots of things at once. So, what makes it “tick”?
This is where we introduce additional concepts like Decentralized Network, Proof-of-Work, and Time. Bitcoin’s Network is based on a decentralized, replicated, append-only database, which we call the blockchain. To prevent replication of data, the so-called double spends, which by the very nature of the digital domain is actually impossible, we wire blocks together and implement the Proof-of-Work functionality to make later changes extremely costly. We also take care of ordering the events that happen in the network by making the blockchain work like a giant, decentralized clock, where every block represents a single “tick”. To achieve this, we give Bitcoin its own notion of time that makes it independent from external factors, because Bitcoin knows no authorities or trusted intermediaries. And by using the special properties of SHA-256 hashing function, we take care of providing a global, space- and time-independent, decentralized environment for every participating node.