I have spent lots of time trying to understand how Bitcoin works. I never found anything that explained it well, so I wrote this - it’s exactly the kind of article past me would like to read. Although I already had some computer science knowledge, I also explain some well known CS tools that make the whole thing click, so hopefully anyone can jump in and follow along. There will be simplifications and sometimes blatant oversimplifications, but they are there chiefly to omit things that are more implementation detail than core concept, or just plain uninteresting.
Turned out a bit long, so this is the first part of a series.
Why does everyone suck at explaining this?
There are tons of articles floating around the web that attempt to explain Bitcoin and blockchain technology in simple terms. Yet all the “Bitcoin for Dummies” or “Bitcoin Explained So Well Even Your Mom Would Understand” usually miss the point of explaining it. They strive to avoid scary tech words like “hash functions” or “asymmetric encryption”, but end up avoiding the concepts themselves. They give you a vague general idea behind it, such as “it’s a book full of transactions shared by everyone and everyone can write in it”, and leave it at that. But why is it so trustworthy that people use it for payments? Why do people even use it? What’s the big deal? You’re left to wonder.
Take a look at this video. What’s a blockchain? It’s a database! And it’s secured by cryptography! Which is probably the least informative and least interesting way you can put it. Most of the informational material I’ve encountered is like this - pretty infographics that have no idea what they’re talking about.
The most extreme, such as this one, push the avoidance of technology so far that they develop elaborate metaphors with camera-monitored rooms and transparent piggy banks. The result is a surreal mental image that looks more like a bizarre thought experiment than real technology used to transact millions of dollars worth of digital assets every day. This particular example is meant for actual 7 year olds, but it doesn’t answer the question any 7 year old would, and any reasonable adult should, ask: why?
The terminology also doesn’t help. There’s talk about “coins”, “miners” and “digital gold”, but all of these terms are awfully misleading because there’s nothing in Bitcoin that resembles a coin or digging precious things out of the ground. A popular statement is that Bitcoin mining is done by computers “solving hard computational problems”, so for a long time I used to think that there’s some grand problem (like executing a complex physical simulation?), and each Bitcoin represents one of the numerical solutions to that problem. There’s also a common misconception that every Bitcoin has a unique name, or identifier. This is of course horribly wrong, for many reasons, and the reality is much different.
Bitcoin is complex. That’s the only way it could possibly work. That doesn’t mean it cannot be explained in simple terms, though. After all, complex things do not just spring into being out of thin air. Complex things are created by adding simple things together out of necessity. To really understand them, we need to understand the necessity behind them. We need the why just as much as the how. We have to do better if we want this technology to become widespread.
So, let’s go try and design our own decentralized virtual currency, step by step, from scratch.
Why use virtual currency
You might be asking yourself, “Why even do this? Why would people buy and use virtual currency? It’s just some blips in a computer, it’s worthless…”. The reality is, you’re using one already.
Many national currencies already exist mostly virtually in bank accounts. Notes and coins are more of a token that temporarily allows you to manipulate currency in the real world, but in the end, they go back to the bank. If everyone decided to cash out their accounts, there would not be nearly enough notes to cover that, as banks are only required to keep cash in amounts necessary for day-to-day operations. They are just as worthless too - they are literally just pieces of paper. The value is not the object, though - it’s the fact that people will universally accept it as payment, because they in turn know they can use it for payment themselves. The only thing needed is confidence in the currency.
At one time, people exchanged things they didn’t want for the things they wanted. This was uncomfortable, though, because you can’t easily divide a cow or carry it around (unless you want steak). It’s also hard to find a buyer that also has something useful to sell to you. So, people started using small, divisible things valued by most, such as gold, silver, or squirrel pelts. Then, governments and banks started to issue notes promising to pay a certain amount of goods on demand, and the notes were so convenient that people started carrying those instead. Backing them with metal was therefore rendered obsolete and then mostly removed, and no one really cared.
Is it all a big lie? Yes. Does it work? Yes. There is no need for money to have inherent, objective value - it’s useful just the same if people believe it to be valuable.
There is, however, a weakness in the system. A small group of people controls it, and they can sometimes make questionable decisions, like printing huge amounts of money for their own needs (like in Zimbabwe). Another example is the recent demonetisation in India and Venezuela. Governments essentially told their citizens their money isn’t worth anything. Imagine gathering your life savings over the years and then being told you can’t actually use them anywhere, and you have to hope that you’ll be able to get your hands on replacements, and that not too many people die in the ensuing protests.
This is not meant to be alarmist or paranoid - there are usually some competent people at the top, and the system usually works OK. But why not do better?
Someone, or most likely several someones, named Satoshi Nakamoto set out in 2009 to check whether we can base the system not on the decisions of a handful of people, but rather on something much more reliable, such as people’s love of lotteries. Turns out, we can.
A bank run by everyone
The idea goes: let’s make a bank which everyone can run, so that no one person bends it to their own agenda.
We can start by giving account numbers to people interested in using our currency, along with some starting amount of money assigned to them (in Bitcoin you actually don’t get starting money, new money is created in another way - but let’s pretend you do for now). Then, let’s start a book with transactions, copies of which we pass around between everyone in our network. Because we want the network to be unbiased and not controlled by any single person, we allow anyone to record their transactions in the book, announce that the book got updated, and let everyone download the update with their new transaction. Also, note that we don’t actually need a proper account balance recorded anywhere - whenever we need it, we can just go through the whole transaction book backwards and figure it out. Since our book is actually digital, it’s easy.
An immediate problem with this is, what if someone impersonates you and records a transaction that states you sent all your money to them? There is no obvious way to tell that the owner of the account is really the one that wrote the transaction in the book. If we start using classic passwords, everyone would have to know the passwords to check them, otherwise designated password checkers would be in control of the network. And if everyone knows everyone else’s passwords, they are useless.
Fortunately, there is a tool that will help us solve this problem. Cryptography to the rescue! Presenting…
Exhibit A: Asymmetric encryption
Most people have encountered some kind of cipher in their life, usually as a riddle or puzzle. Often, the cipher substitutes letters in the text for arcane symbols. You need a sheet which tells you which symbol is which to decipher the text. You can also use it to write your own secret text. We could call that sheet a cipher “key”.
Another simple cipher is Caesar’s cipher. It’s simple: for example, for key 2, instead of each letter you use the letter that’s 2 places further along in the alphabet. So BITCOIN becomes DKVEQKP. To decipher, you do the reverse - substitute letters 2 places earlier in the alphabet. Note that just knowing that Caesar’s cipher was used does not make you able to read the secret text - you need to know the key. Once you know it, you can use it both for encrypting and decrypting texts.
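As an added illustration (this is not code from the original post, and it assumes nothing beyond the Python standard library), here is the Caesar cipher just described, with the BITCOIN example from the text. The same key is used in both directions, which is what makes it a symmetric cipher. The last function also shows the caveat that matters for everything that follows: with only 26 possible keys, someone who knows the cipher can simply try all of them, so the strength of a cipher rests on the key being drawn from a space far too large to search.

```python
# Added example, not code from the original post: the Caesar cipher as described
# above. One key serves both directions, which is what makes it a symmetric cipher.
import string

ALPHABET = string.ascii_uppercase  # 26 letters, so there are only 26 distinct keys


def caesar_encrypt(plaintext: str, key: int) -> str:
    """Shift each letter `key` places forward, wrapping from Z back to A.
    Anything that is not A-Z (spaces, digits, punctuation) passes through unchanged."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % len(ALPHABET)])
        else:
            out.append(ch)
    return "".join(out)


def caesar_decrypt(ciphertext: str, key: int) -> str:
    """Decrypting is the same operation with the shift reversed."""
    return caesar_encrypt(ciphertext, -key)


def all_shifts(ciphertext: str) -> dict:
    """Every candidate plaintext, indexed by key. With only 26 keys, anyone who
    knows the cipher can read all candidates and pick the one that makes sense,
    which is why key size matters (compare the 2^160 account numbers the post
    discusses later)."""
    return {key: caesar_decrypt(ciphertext, key) for key in range(len(ALPHABET))}


if __name__ == "__main__":
    secret = caesar_encrypt("BITCOIN", 2)
    print(secret, "->", caesar_decrypt(secret, 2))  # DKVEQKP -> BITCOIN
    for key, candidate in all_shifts(secret).items():
        print(key, candidate)
```

Running the block prints the DKVEQKP/BITCOIN pair from the text and then the full table of 26 candidate decryptions; the correct plaintext stands out at key 2.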
One problem with this is when you want to use a cipher to secretly communicate with a stranger. You first need to decide on a key - but anyone listening will catch your key. They will be able to read all your communication anyway then, so you might as well not use ciphers at all.
However, decades of cryptography research gave us ciphers that are very complex and very special - they enable you to split the key into two. There’s a cipher key, which can only be used for encrypting, and a decipher key, which can be only used for decrypting. This way, you can freely publish your cipher key, and anyone can encrypt a message for you. You keep the decipher key to yourself, so no one, not even the author of the message, can decrypt it except for you. (For this reason, they are also commonly called the “public key” and the “private key” - but this arises from the usage, and isn’t clear about what they actually are). So whenever someone writes you a message, they use your cipher key, whenever you write to someone - you use theirs.
In many ciphers, the private key can also be used to produce a signature based on the text that’s being signed, and the public key can be used to verify that the signature could only have been produced using the corresponding private key.
How is this relevant to our transaction book? If we use public keys as our account numbers and produce a signature with our private key for every transaction we make, it becomes easy to prove that the transaction is legitimate - just take the account number and check that the signature could really only be produced by someone who has the private key to that account. Now we have transactions in the transaction book that can’t be forged.
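To make the design concrete, here is an added example (my own code, not the post’s and not Bitcoin’s) that puts the two ideas together: the shared transaction book from the “bank run by everyone” section, with balances derived by walking the whole book, and signatures over every transaction as described just above. The signature scheme is textbook RSA with tiny, constructed primes so that it runs on the standard library alone; this is an assumption made purely for the demo, and such keys are breakable by factoring. Real Bitcoin uses ECDSA over 256-bit keys and hashes the public key to form the address, neither of which is shown here. Starting balances and the names Alice and Bob are constructed sample data.

```python
# Added example, not from the original post: a signed transaction book.
# Signatures are toy RSA with small constructed primes (assumption for the demo only);
# the scheme is the textbook "sign with private key, verify with public key" flow.
import hashlib
import json
from math import gcd


def is_prime(n: int) -> bool:
    """Trial division; only adequate for the tiny demo primes used here."""
    return n >= 2 and all(n % k for k in range(2, int(n ** 0.5) + 1))


def make_keypair(p: int, q: int, e: int = 65537):
    """Toy RSA key generation. Returns (public_key, private_key) as (n, e) and (n, d)."""
    assert is_prime(p) and is_prime(q), "demo primes must actually be prime"
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "public exponent must be coprime with phi(n)"
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def account_number(public_key) -> str:
    """As the post suggests, the public key itself serves as the account number."""
    n, e = public_key
    return f"{n}:{e}"


def digest(tx: dict, n: int) -> int:
    """Hash the canonical form of a transaction and reduce it into the key's range."""
    payload = json.dumps(tx, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(payload).digest(), "big") % n


def sign(tx: dict, private_key) -> dict:
    """Attach a signature that only the holder of the private key can produce."""
    n, d = private_key
    return {**tx, "signature": pow(digest(tx, n), d, n)}


def verify(entry: dict) -> bool:
    """Check the signature using nothing but the sender's account number (public key)."""
    n, e = (int(part) for part in entry["from"].split(":"))
    tx = {k: v for k, v in entry.items() if k != "signature"}
    return pow(entry["signature"], e, n) == digest(tx, n)


class TransactionBook:
    """The shared book: a list of signed entries plus the constructed starting balances."""

    def __init__(self, starting_balances: dict):
        self.starting = dict(starting_balances)
        self.entries = []

    def balance(self, account: str) -> int:
        """No stored balances: replay every entry in the book to compute one."""
        total = self.starting.get(account, 0)
        for entry in self.entries:
            if entry["from"] == account:
                total -= entry["amount"]
            if entry["to"] == account:
                total += entry["amount"]
        return total

    def record(self, entry: dict) -> bool:
        """Anyone may append, but only entries with a valid signature and funds are kept."""
        if not verify(entry):
            return False
        if entry["amount"] <= 0 or self.balance(entry["from"]) < entry["amount"]:
            return False
        self.entries.append(entry)
        return True


def demo() -> dict:
    """Constructed scenario: a genuine payment, an impersonation attempt, a tampered entry."""
    alice_pub, alice_priv = make_keypair(104723, 104729)  # constructed demo primes
    bob_pub, bob_priv = make_keypair(100003, 100019)      # constructed demo primes
    alice, bob = account_number(alice_pub), account_number(bob_pub)
    book = TransactionBook({alice: 50, bob: 50})          # constructed starting balances

    genuine = sign({"from": alice, "to": bob, "amount": 20}, alice_priv)
    forged = sign({"from": alice, "to": bob, "amount": 30}, bob_priv)    # Bob signs with HIS key
    tampered = {**genuine, "amount": 25}                                 # amount changed after signing
    overspend = sign({"from": alice, "to": bob, "amount": 100}, alice_priv)  # valid signature, no funds
    return {
        "genuine_accepted": book.record(genuine),
        "forged_accepted": book.record(forged),
        "tampered_accepted": book.record(tampered),
        "overspend_accepted": book.record(overspend),
        "alice": book.balance(alice),
        "bob": book.balance(bob),
    }


if __name__ == "__main__":
    print(demo())
```

The forged entry fails because verification uses the public key embedded in the sender’s account number, and Bob’s private key does not correspond to it; the tampered entry fails because the signature covers the hash of the whole transaction, so changing the amount invalidates it. The funds check is the balance-by-replay idea from the earlier section applied at append time.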
You might have already encountered a Bitcoin address (account number). It’s always very long - there are 2^160 possible account numbers. For comparison, there are roughly 2^63 grains of sand on all the beaches and deserts on Earth. 2^64 is twice as much, and 2^65 four times as much. You get the idea…
This ensures that everyone can randomly generate an account number and its key by themselves, without any coordination, and practically no one will get someone else’s account by accident. You can actually go to the directory of all Bitcoin addresses and their private keys, pick an address and the corresponding key, and start using it as yours. You’ll notice that there’s so many to choose from, you don’t need to worry about anyone choosing the same one as you.
(DON’T actually do this. You’re more likely to choose some page numbers and positions in the list than others, weakening your security against someone trying likely choices. The pages you’re visiting are also saved in your browser history. You’re much better off using a proper wallet generator to get your new fancy pair of keys.)
So we achieved a forge-proof transaction book - everyone has a private key, and they use it to sign their transactions. The signatures can be verified by looking at their account number and the contents of the transaction. The book is not exactly usable yet, though - there are many copies of it floating around, and what do we do if one copy ends up with different transactions than another? How do we agree on which one is the correct version? This is where the Bitcoin solution really shines, and we’ll look into it in the next post.
The next part of the series can be found here.