
Monday, February 25, 2019

What Are Bitcoins?



People refer to Bitcoin as a digital currency, virtual currency, or cryptocurrency, but it may be easier to think of it as an electronic asset. The word currency often side-tracks people when they are trying to understand Bitcoin. They get caught up trying to understand aspects of conventional currencies which do not apply to Bitcoin, for example, what backs it (nothing) and who sets the interest rate (there is none). Bitcoin is also sometimes described as a digital token, and in some respects that is accurate; but, alas, the term token is now also used to mean something more specific, so the ambiguity of this term too is best avoided.

Bitcoins are digital assets (‘coins’) whose ownership is recorded on an electronic ledger that is updated (almost) simultaneously on about 10,000 independently operated computers around the world that connect and gossip with each other. This ledger is called Bitcoin’s blockchain. Transactions that record transfer of ownership of those coins are created and validated according to a protocol - a list of rules that define how things work and which therefore govern updates to the ledger. The protocol is implemented by software - an app - that participants run on their computers. The machines running the apps are called ‘nodes’ of the network. Each node independently validates all pending transactions wherever they arise, and updates its own record of the ledger with validated blocks of confirmed transactions. Specialist nodes, called miners, bundle together valid transactions into blocks and distribute those blocks to nodes across the network.

Anyone can buy bitcoins, own them, and send them to other people. Every Bitcoin transaction is recorded and shared publicly in plain text on Bitcoin’s blockchain. Contrary to many media articles, Bitcoin’s blockchain is not encrypted. By design, everyone sees all details of all transactions. Anyone can, in theory, create bitcoins for themselves too. This is part of the block creation process, called mining.

The purpose of Bitcoin is described in its whitepaper - a short document written by a pseudonymous Satoshi Nakamoto, published in October 2008. It describes why Bitcoin exists and how it should work. It is worth reading the whitepaper in full. It is only nine pages long and available online. It sets out the purpose of Bitcoin, and how Bitcoin derives both value and utility. For the first time in history, we have a system that can send value from A to B, without the physical movement of items or using specific third-party intermediaries. It is difficult to overstate how important a milestone this is in the evolution of payments. As generalized by cryptocurrency industry commentator Tim Swanson, Bitcoin is designed as censorship resistant digital cash. There is no mention of a blockchain or ‘block chain’ at all in the original Bitcoin whitepaper, even though we are constantly reminded by the media that Bitcoin is built on blockchain or that blockchain is the underlying technology of Bitcoin. A chain of blocks was not the purpose of Bitcoin, it is just the design that was developed to achieve the objective - the solution to the business problem.

The Bitcoin blockchain is managed by software running on computers that communicate with each other, forming a network. Although multiple compatible software implementations exist, the most commonly used software is called ‘Bitcoin Core’ and its source code is published on GitHub. This software contains the full range of functionality needed for the network to exist. In practice, however, most people run it only for its bookkeeping function (validating and relaying transactions and blocks); competitive mining is done with specialised hardware and software.

To understand how Bitcoin works, and why it works the way it does, it is important to keep in mind the objective: to create an electronic payment system that cannot be censored, and to allow anyone the ability to send payments ‘directly from one party to another without going through a financial institution’.

Such a system cannot have a central administrator managing the ledger, as that administrator would be the financial institution that Bitcoin is set up to avoid. The system therefore needs to be able to be operated by anyone, without any need to identify themselves or gain permission from a gatekeeper. The moment that parties need to identify themselves, they lose privacy and are vulnerable to interference, coercion, prison, or worse. This goes for both administrators of the system and users themselves. So every single part of the solution needs to work with these constraints in mind.

Instead of names or account numbers and passwords, why not use public keys as the account number, and digital signatures instead of passwords? By using public keys as account numbers, anyone can create their own accounts with their own computer without having to ask an administrator for an account number. Remember, a public key is derived from a private key, which is a number picked at random. So you create an account by picking a random number (your private key) and doing some maths on it to get your public key. In Bitcoin and most other cryptocurrencies, account numbers are mathematically derived from public keys (not public keys themselves), and are called addresses. You can tell the world this Bitcoin address to allow people to pay to it. No one can spend anything from it unless they have the private key, which only you have. You can also create as many addresses as you want and your wallet software will manage all of them for you.

Public/private keypairs also solve the authentication problem. You don’t have to log in to prove that you are the account holder. When sending a payment instruction you digitally sign the transaction with your private key, and this signature proves to whoever checks it that the instruction was authorised by the holder of that account’s key. You can create and sign the transaction offline without being connected to any network. When you broadcast the signed transaction, all any bookkeeper has to do is check that the digital signature is valid for the respective account number, rather than maintain a list of usernames and passwords for you and all transacting parties. The private key never leaves your machine: the signature is checked using only the public key, so a node that sees every transaction still cannot forge one.

In Bitcoin, any individual with a computer, adequate storage, and access to internet bandwidth can download some software (or write their own), connect to a few neighbors, and become a bookkeeper. New transactions are broadcast to all bookkeepers via a gossip network, and each bookkeeper relays new transactions to as many others as they are connected to. This ensures eventual propagation of transactions to all bookkeepers.

Bitcoin is digital, but it works more like physical cash. With cash you open your wallet and take this specific $10 note which you received earlier and pay $8 for your coffee and expect $2 change. Bitcoin is similar: for every payment you make, you have to specify exactly which coins you are spending - that is, which specific bitcoins that you received earlier. You refer to these received bitcoins by the hash of the transaction that sent the coins to you, together with the position of that output within the transaction (a transaction can pay several recipients at once). In the same way that blocks build on each other by referring to the previous block’s hash, transactions also refer to each other using a previous transaction’s hash. When you make a Bitcoin payment, you say, ‘Take this bundle of money that came in to my account in this transaction, and pay some of it to this account and return the change to me’.

Hence all bitcoins are traceable. You can see the exact composition of every lump of Bitcoin that comes into your account - what it is composed of and where it came from - and you can trace every part of that money via the previous accounts, all the way back to when it was first created in a coinbase transaction. I say each ‘lump of money’ specifically, rather than ‘each Bitcoin,’ because you don’t send bitcoins coin by coin, you just send a total amount. Let’s see how this works with an example.

Let’s start with an empty address and assume that you are friends with a Bitcoin miner who has just created a ‘lump’ of 12.5 BTC (the block subsidy at the time of writing) in a coinbase transaction when they successfully mined a block. The 12.5 BTC is like a single banknote in a physical wallet and needs to be spent in its entirety. The miner takes pity on you because you have no bitcoins and wants to give you 1 BTC. So the miner creates a transaction spending those 12.5 BTC to two recipients: 1 BTC to you, and 11.5 BTC back to herself. You now have a 1 BTC ‘lump’ in your account.

Now it is your lucky day and a few other people give you BTC. In further separate transactions, you receive ‘lumps’ of 2 BTC and 3 BTC. So now you have 6 BTC in your wallet, in three lumps: 1 BTC, 2 BTC, and 3 BTC. Most people think in terms of ‘account balances’ (i.e., my account goes up and down) whereas Bitcoin ‘thinks’ in transactions (the transaction spends this money and puts it there). The lumps are the result or output of a transaction, and they are unspent because you haven’t spent them yet.

The transaction is created and signed by the sender using their private keys. This signed transaction is then sent to a node (bookkeeper) who validates it according to business rules (e.g., Does this UTXO - unspent transaction output - exist? Has it been spent before? Do the outputs add up to no more than the inputs?) and technical rules (e.g., How much data does the transaction contain? Is the digital signature valid?), and if found to be valid, the bookkeeper keeps this transaction in a pool of ‘unconfirmed transactions’ that they have heard about, called a mempool or memory pool. They then propagate this transaction to their neighbors in the network. Each neighbor follows the same process. Eventually a miner or block-creator picks up this transaction and decides whether they want to pack it into a block, and if so, they start mining the block. If the miner is successful in mining the block, they propagate the block to other miners and bookkeepers and each node records this transaction as confirmed in a block.
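To make the ‘lumps’ story and the bookkeeper’s rules from the last few paragraphs concrete, here is an added example (not the post’s own code) of a toy UTXO ledger. It replays the coinbase → 1 BTC → 2 BTC → 3 BTC sequence, builds a payment that picks specific lumps and returns change, and applies the validation rules: the referenced output must exist, must not already be spent, must belong to the signer, and outputs must not exceed inputs. Assumptions for the example: ownership is a plain label standing in for a public key and signature, amounts are integers in satoshi, and the transaction serialisation used to compute the txid is a simplified JSON form, not Bitcoin’s real wire format.

```python
"""Added example, not from the original post: a toy UTXO ledger with the
bookkeeper's business rules. Labels stand in for keys/signatures (assumption)."""
import hashlib
import json

SATOSHI = 100_000_000             # 1 BTC in satoshi; integers avoid float rounding
SUBSIDY = 125 * SATOSHI // 10     # 12.5 BTC block subsidy at the time of the post


def txid(tx):
    """A transaction is referred to by the hash of its own content (toy serialisation)."""
    raw = json.dumps(tx, sort_keys=True).encode()
    return hashlib.sha256(hashlib.sha256(raw).digest()).hexdigest()


def coinbase(miner, height):
    """No inputs: brand-new coins. The height keeps every coinbase unique; otherwise two
    identical coinbases would share a txid, a real problem Bitcoin had to fix."""
    return {"signer": None, "height": height, "inputs": [], "outputs": [[miner, SUBSIDY]]}


class Ledger:
    def __init__(self):
        self.utxos = {}       # (txid, output index) -> (owner, amount)
        self.spent = set()    # every output reference ever consumed

    def validate(self, tx):
        """The bookkeeper's checks; returns (ok, reason) so callers can see why."""
        if any(amount <= 0 for _, amount in tx["outputs"]):
            return False, "non-positive output"
        out_sum = sum(amount for _, amount in tx["outputs"])
        if not tx["inputs"]:
            return (False, "coinbase exceeds subsidy") if out_sum > SUBSIDY else (True, "ok")
        in_sum = 0
        for ref in map(tuple, tx["inputs"]):
            if ref in self.spent:
                return False, "double spend"
            if ref not in self.utxos:
                return False, "unknown output"
            owner, amount = self.utxos[ref]
            if owner != tx["signer"]:          # stands in for verifying the signature
                return False, "not the owner"
            in_sum += amount
        if out_sum > in_sum:
            return False, "outputs exceed inputs"
        return True, "ok"                      # in_sum - out_sum is the miner's fee

    def apply(self, tx):
        """Validate, then consume the inputs and create the new unspent lumps."""
        ok, reason = self.validate(tx)
        if not ok:
            raise ValueError(reason)
        tid = txid(tx)
        for ref in map(tuple, tx["inputs"]):
            self.spent.add(ref)
            del self.utxos[ref]
        for index, (owner, amount) in enumerate(tx["outputs"]):
            self.utxos[(tid, index)] = (owner, amount)
        return tid

    def lumps(self, owner):
        """What a wallet shows as a balance is really this list of separate outputs."""
        return sorted(amount for o, amount in self.utxos.values() if o == owner)


def pay(ledger, payer, payee, amount, fee=0):
    """Pick the payer's smallest lumps until they cover amount + fee, then pay the
    payee and send the remainder back to the payer as change (toy coin selection)."""
    chosen, total = [], 0
    for ref, (owner, value) in sorted(ledger.utxos.items(), key=lambda kv: kv[1][1]):
        if owner != payer:
            continue
        chosen.append(list(ref))
        total += value
        if total >= amount + fee:
            break
    if total < amount + fee:
        raise ValueError("insufficient funds")
    outputs = [[payee, amount]]
    if total - amount - fee > 0:
        outputs.append([payer, total - amount - fee])
    return {"signer": payer, "inputs": chosen, "outputs": outputs}


def story():
    """Replay the post's narrative: 12.5 BTC coinbase, 1 BTC gift, then 2 and 3 BTC gifts."""
    ledger = Ledger()
    cb = ledger.apply(coinbase("miner", 1))
    ledger.apply({"signer": "miner", "inputs": [[cb, 0]],
                  "outputs": [["you", 1 * SATOSHI], ["miner", SUBSIDY - 1 * SATOSHI]]})
    for height, (friend, gift) in enumerate([("alice", 2 * SATOSHI), ("bob", 3 * SATOSHI)], 2):
        ledger.apply(coinbase(friend, height))        # friends need coins to give
        ledger.apply(pay(ledger, friend, "you", gift))
    return ledger


if __name__ == "__main__":
    ledger = story()
    print("your lumps (BTC):", [x / SATOSHI for x in ledger.lumps("you")])
    coffee = pay(ledger, "you", "cafe", 4 * SATOSHI, fee=10_000)
    ledger.apply(coffee)
    print("after coffee:", [x / SATOSHI for x in ledger.lumps("you")])
    print("replaying the same transaction:", ledger.validate(coffee))
```

Note that `validate` checks `spent` before `utxos`: a second broadcast of an already-confirmed transaction is reported as a double spend rather than as an unknown output, which is the distinction a bookkeeper cares about when deciding whether a peer is misbehaving.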

When people say Bitcoin is ‘peer-to-peer’ what do they mean? Firstly, data is sent between bookkeepers in a peer-to-peer way, i.e., directly and not via a central server. Transactions and blocks are sent between bookkeepers who are each as important in status as each other - that is, they are peers. They use the internet to send data between themselves, instead of a 3rd party infrastructure like the SWIFT network used by major banks.

Second, Bitcoin payments are often described as peer-to-peer (i.e., with no middle man). But is this really true? Up to a point. A physical cash transaction is definitely peer-to-peer as there are no other actors other than the payer and the recipient. But Bitcoin also has intermediaries such as miners and bookkeepers. The difference between Bitcoin payments and bank payments is that, with Bitcoin payments, the intermediaries are non-specific and can act in lieu of each other, whereas traditional banks and centralised payment services are specific intermediaries. For example, if you have an account with HSBC you can’t instruct another bank such as Citibank to move your money, but in Bitcoin any miner can add your transaction to a block they are mining.

Peer-to-peer models of data distribution are like a gossip network where each peer shares updates. Peer-to-peer is in many ways less efficient than client-server, as data is replicated and validated many times, once per machine, and each change to the data creates a lot of noisy gossip. However, each peer is independent and the network can continue operating if some nodes temporarily lose connectivity. And because there is no central server that can be controlled, peer-to-peer networks are more robust and resistant to shutdown, whether accidental or deliberate.

In anonymous, and therefore untrusted, peer-to-peer networks, each peer needs to operate on the basis that any other peer could be a bad actor. So every peer needs to do their own homework and validate transactions and blocks, rather than trusting other peers. The network as a whole acts honestly as long as a majority of the mining (hashing) power is honest. Note that it is hashing power, not the number of nodes, that matters: anyone can cheaply spin up thousands of nodes, whereas hashing power costs real electricity and hardware.

What can and can’t miscreants do? The impact of a malicious bookkeeper is very limited. They can withhold transactions and refuse to pass them to other bookkeepers, or they can present a false view of the state of the blockchain to anyone asking them. A quick check with other bookkeepers will reveal any discrepancies. The impact of a malicious miner is also quite limited, for a related reason: every node validates every block, so a miner cannot spend coins it does not hold the keys for, cannot forge signatures, and cannot create more new coins than the protocol allows - such a block is simply rejected by everyone. What a miner can do is decline to include particular transactions in the blocks it creates (other miners will include them), or, if it controls enough hashing power, try to replace recent blocks with an alternative chain in order to double spend. Furthermore, a miner discovered to be enabling double spends could quickly find themselves cut off from the rest of the network if the rest of the network informally agrees to take action. Honest miners might agree not to build on blocks generated by a malicious miner.

Transactions are payment instructions of specific amounts of Bitcoin (UTXOs) from one user-generated account (address) to another. The transactions are created using wallet software, authenticated with unique digital signatures, then sent to bookkeepers (nodes) who individually validate them according to some well-known business and technical rules. The bookkeepers then add valid transactions to their mempool and distribute them to other bookkeepers that they are connected to.

Miners gather these individual transactions into blocks and compete with each other to mine their blocks by tweaking the block contents, specifically the nonce field in the block header, until the hash of the block header is smaller than some target number. The target number is based on the difficulty setting at the time, which is derived from the time taken to mine the previous set of 2,016 blocks, so as to achieve a network-wide target frequency of one new mined block every 10 minutes. Miners receive a financial incentive in the form of new BTC and transaction fees which they may credit themselves, to compensate for spending resources to perform the competitive, repetitive hashing needed to create valid blocks.

The blocks link to each other in a unique sequence to form a ledger, the Bitcoin blockchain, that is recorded identically almost simultaneously on thousands of computers around the world that run Bitcoin software. If a Bitcoin transaction is not recorded on this blockchain, it is not a Bitcoin transaction. It doesn’t exist. A Bitcoin transaction recorded anywhere outside this ledger does not form part of it. There is no central authority who controls the ledger or who can censor specific transactions. Different blockchain platforms or systems work differently. If you relax or change the aims or constraints, the design of the solution can also change.
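The mining and chaining described in the two paragraphs above can be shown end to end in a few dozen lines. The following is an added example, not code from the original post: it commits a block’s transactions to a Merkle root, searches the nonce until the header hash falls below the target, links each block to the previous header hash so that any later tampering is detectable by every node, and applies the retargeting rule (scale the target by actual versus expected time for the last 2,016 blocks, clamped to a factor of four). Assumptions: the header is a toy byte layout rather than Bitcoin’s 80-byte format, and the ceiling target is deliberately easy so the example mines in milliseconds.

```python
"""Added example, not from the original post: proof-of-work, block chaining,
Merkle roots and difficulty retargeting over a toy block header."""
import hashlib

EASY_TARGET = 2 ** 244          # toy ceiling: about 4096 hashes per block (assumption)
BLOCK_INTERVAL = 600            # the network aims for one block every 10 minutes
RETARGET_BLOCKS = 2016          # difficulty is recomputed every 2016 blocks
GENESIS_PREV = bytes(32)        # the first block points at an all-zero hash


def sha256d(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_root(txids):
    """Pair-and-hash transaction ids up to a single root; an odd last id is duplicated.
    Changing any transaction changes the root and therefore the header hash."""
    if not txids:
        raise ValueError("a block carries at least its coinbase transaction")
    layer = list(txids)
    while len(layer) > 1:
        if len(layer) % 2:
            layer.append(layer[-1])
        layer = [sha256d(layer[i] + layer[i + 1]) for i in range(0, len(layer), 2)]
    return layer[0]


def header_bytes(prev_hash, root, timestamp, target, nonce):
    """Toy serialisation of the fields a miner hashes (real headers are binary)."""
    return b"|".join([prev_hash, root, str(timestamp).encode(),
                      str(target).encode(), nonce.to_bytes(4, "big")])


def mine(prev_hash, root, timestamp, target):
    """Tweak the nonce until the header hash, read as a number, is below the target."""
    for nonce in range(2 ** 32):
        h = sha256d(header_bytes(prev_hash, root, timestamp, target, nonce))
        if int.from_bytes(h, "big") < target:
            return nonce, h
    raise RuntimeError("nonce space exhausted; a real miner then varies the timestamp or coinbase")


def valid_block(block, prev_hash, target):
    """A node redoes every check itself instead of trusting the miner who sent the block."""
    h = sha256d(header_bytes(block["prev"], block["root"], block["time"], target, block["nonce"]))
    return (block["prev"] == prev_hash
            and h == block["hash"]
            and merkle_root(block["txids"]) == block["root"]
            and int.from_bytes(h, "big") < target)


def build_chain(n_blocks, target=EASY_TARGET, start_time=1_550_000_000):
    """Mine n_blocks in sequence; each carries one constructed coinbase txid."""
    chain, prev = [], GENESIS_PREV
    for height in range(n_blocks):
        txids = [sha256d(f"coinbase at height {height}".encode())]   # constructed data
        root = merkle_root(txids)
        timestamp = start_time + height * BLOCK_INTERVAL
        nonce, h = mine(prev, root, timestamp, target)
        chain.append({"prev": prev, "root": root, "txids": txids,
                      "time": timestamp, "nonce": nonce, "hash": h})
        prev = h
    return chain


def valid_chain(chain, target=EASY_TARGET):
    """Walk from genesis; a tampered block breaks its own hash and every link after it."""
    prev = GENESIS_PREV
    for block in chain:
        if not valid_block(block, prev, target):
            return False
        prev = block["hash"]
    return True


def retarget(old_target, actual_seconds):
    """Scale the target by actual/expected time for the last RETARGET_BLOCKS blocks,
    clamped to a factor of 4 either way and never above the ceiling. Faster blocks
    mean a lower target, i.e. higher difficulty."""
    expected = RETARGET_BLOCKS * BLOCK_INTERVAL
    actual = min(max(actual_seconds, expected // 4), expected * 4)
    return min(old_target * actual // expected, EASY_TARGET)


if __name__ == "__main__":
    chain = build_chain(4)
    print("chain valid:", valid_chain(chain))
    print("nonces found:", [b["nonce"] for b in chain])
    chain[1]["txids"] = [sha256d(b"forged coinbase")]
    print("after tampering with block 1:", valid_chain(chain))
```

Two things worth noticing when you run it: rewriting a transaction in block 1 invalidates block 1’s own header (the Merkle root no longer matches), and because block 2 committed to block 1’s hash, an attacker would have to redo the proof-of-work for block 1 and every block after it, which is exactly the cost the honest majority of hashing power imposes.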
