
Introduction to Bitcoin

First blockchain platform, launched in 2009

Inspired by cash, strongly based on cryptography

Satoshi Nakamoto

Pseudonym of creator(s) of Bitcoin.

His identity is unknown.

Stopped contributing to Bitcoin in 2011.

Bitcoins directly pertaining to him are still unspent.

Features

Decentralized currency/assets.

Not backed by any reserve.

Transactional.

Legalized in El Salvador and the Central African Republic.

Anonymity

Bitcoin accounts are public keys, hashed.

Anonymous but not private.

All the transactions are public, identity may be inferred.

More private alternatives exist, e.g., ZCash, Monero.

Innovations

Solution to the double spending problem without trusted authority

Consensus in the permissionless setting

Limitations

Proof of work consensus causes a massive waste of energy.

Low throughput: only 7 transactions per second, while traditional electronic payment systems can handle thousands of transactions per second. This can be mitigated using layer 2 protocols.

Slow finality: ~1 hour to finalize a payment

Blocks

Proof of Work in Bitcoin

Based on the hash puzzle

Target is updated every 2016 blocks with a deterministic function that guarantees that a new block is mined in 10 minutes on average. Notice that 2016 blocks are mined in approximately 2 weeks.
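The hash puzzle and the periodic target update, as an added example that is not part of the original notes. The header bytes, the 8-byte nonce and the function names are assumptions of this toy; the factor-4 bound on a single adjustment is Bitcoin's actual rule.

```python
import hashlib

EXPECTED = 2016 * 10 * 60          # seconds: 2016 blocks at 10 minutes each (2 weeks)

def block_hash(header: bytes, nonce: int) -> int:
    """Double SHA-256 of header plus nonce, read as a big integer."""
    data = header + nonce.to_bytes(8, "little")
    return int.from_bytes(hashlib.sha256(hashlib.sha256(data).digest()).digest(), "big")

def mine(header: bytes, target: int) -> int:
    """Hash puzzle: find the first nonce whose hash is below the target."""
    nonce = 0
    while block_hash(header, nonce) >= target:
        nonce += 1
    return nonce

def retarget(old_target: int, actual_seconds: int) -> int:
    """New target after 2016 blocks: scale by actual time over expected time.

    Blocks that arrived too fast shrink the target (harder puzzle);
    blocks that arrived too slowly enlarge it (easier puzzle).
    """
    # A single adjustment is limited to a factor of 4 in either direction.
    actual = min(max(actual_seconds, EXPECTED // 4), EXPECTED * 4)
    return old_target * actual // EXPECTED
```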

Creating New Coins

Each block creates a certain amount of Bitcoins, typically taken by the miner who creates the block.

The current block reward is 3.125 BTC. It is halved approximately every four years. Last halving was in 2024.

Technically, the first transaction of the block collects the reward. Such a transaction is called the Coinbase transaction.

Transactions and UTXO

Blockchain Transactions

Blockchain is a chain of blocks of transactions

A transaction, when appended to the blockchain, modifies the state of the system, e.g., it transfers some currency from one user to another.

A transaction can live outside of the blockchain.

Simplified cryptocurrency: \(\langle h(c), B, \mathrm{SIGN}_A(h(c), B) \rangle\).

  • \(h(c)\) is the hash of a previous transaction/coin.
  • \(B\) is the recipient.
  • \(A\) is the previous owner of the coin \(c\).
  • A signs the new coin authorizing the payment.
  • Each transaction consumes exactly one coin.
  • Cannot spend 2 or more coins with a single transaction.

Looks like a linked list

Simplified UTXO Model

What if I only want to spend a fraction of my coin?

  • Each transaction has a set of outputs, each associated with a certain amount of currency
  • Outputs may refer to different payees.
  • The sum of the output values must be at most the sum of the input values (except for Coinbase transactions, which generate new currency).

Transactions form a directed acyclic graph.

The total amount of currency corresponds to unspent output value. The model is called Unspent Transaction Output (UTXO).

Transactions are composed of a set of inputs, a set of outputs and the signature of the payer.
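A minimal ledger for the simplified UTXO model above, as an added example that is not part of the original notes. The `Tx` and `Ledger` names are hypothetical, and the `signer` field is an assumed stand-in for verifying the payer's signature.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    inputs: tuple            # ((txid, index), ...) outputs being consumed
    outputs: tuple           # ((payee, amount), ...) amounts in smallest units
    signer: str = ""         # stand-in for the payer's signature (assumption)
    coinbase: bool = False   # coinbase transactions create new currency

    @property
    def txid(self):
        return hashlib.sha256(repr(self).encode()).hexdigest()

class Ledger:
    def __init__(self):
        self.utxo = {}       # (txid, index) -> (owner, amount)

    def apply(self, tx):
        """Validate tx against the UTXO set, then update the set."""
        if any(amount <= 0 for _, amount in tx.outputs):
            raise ValueError("outputs must be positive")
        if not tx.coinbase:
            if not tx.inputs or len(set(tx.inputs)) != len(tx.inputs):
                raise ValueError("missing or repeated input")
            total_in = 0
            for ref in tx.inputs:
                if ref not in self.utxo:
                    raise ValueError("input unknown or already spent")
                owner, amount = self.utxo[ref]
                if owner != tx.signer:
                    raise ValueError("input not owned by signer")
                total_in += amount
            if sum(a for _, a in tx.outputs) > total_in:
                raise ValueError("outputs exceed inputs")
            for ref in tx.inputs:
                del self.utxo[ref]          # consumed outputs leave the set
        for i, (payee, amount) in enumerate(tx.outputs):
            self.utxo[(tx.txid, i)] = (payee, amount)
        return tx.txid

    def balance(self, who):
        """Total value of the unspent outputs owned by `who`."""
        return sum(a for owner, a in self.utxo.values() if owner == who)
```

Because a spent output is deleted from the set, replaying the same transaction fails the "unknown or already spent" check, which is how this model rejects a double spend.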

Bitcoin Transactions

Bitcoin transactions are more general: each output is associated with a Boolean condition.

In order to redeem an output, a transaction needs to provide some values that make the condition evaluate to true.

The script just checks that the redeeming transaction is signed by the payee, but other conditions are possible (e.g., check two signatures).

Scripts enable smart contracts on Bitcoin.

Scripts

Bitcoin Script

Bitcoin script is a simple stack-based language

A script consists of a sequence of instructions

Intermediate values are saved in a stack.

No cycles/recursion/jumps: termination is guaranteed, but expressiveness is limited (non-Turing-complete)

Operations

Push operations.

Control flow: IF, ELSE

Stack: DUP, SWAP, ROT...

Logic and arithmetic

Crypto: HASH, CHECKSIG...

Lock Time

The Script language allows timed conditions that evaluate to true only if the current time is above a given threshold

Time can either be absolute or relative to the time of the output being spent

Time can be the block number or the block timestamp

Timed constraints are pretty useful for smart contracts
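A small stack evaluator for a Script-like language, as an added example that is not part of the original notes. The opcode names are simplified (not Bitcoin's exact opcodes), `CHECKSIG` is an assumed lookup in a constructed set of valid (signature, key) pairs rather than real signature verification, and `DEPOSIT` encodes the condition used for the micropayment deposit later on this page: spendable jointly by A and B, or by A alone from time T.

```python
import hashlib

def run(script, now=0, valid_sigs=frozenset()):
    """Return True iff the script ends with a true value on top of the stack.
    Items that are not str are pushed; str items are opcodes."""
    stack, branch = [], []                 # branch holds one flag per open IF
    try:
        for op in script:
            live = all(branch)             # inside a branch that executes?
            if op == "IF":
                branch.append(bool(stack.pop()) if live else False)
            elif op == "ELSE":
                branch[-1] = not branch[-1] and all(branch[:-1])
            elif op == "ENDIF":
                branch.pop()
            elif not live:
                continue                   # skip the branch not taken
            elif not isinstance(op, str):
                stack.append(op)           # push operation
            elif op == "DUP":
                stack.append(stack[-1])
            elif op == "HASH":
                stack.append(hashlib.sha256(stack.pop()).digest())
            elif op == "EQUALVERIFY":
                if stack.pop() != stack.pop():
                    return False
            elif op == "VERIFY":
                if not stack.pop():
                    return False
            elif op == "CHECKSIG":         # stand-in: lookup, not real crypto
                pubkey, sig = stack.pop(), stack.pop()
                stack.append((sig, pubkey) in valid_sigs)
            elif op == "CHECKLOCKTIME":    # fails until now reaches the threshold
                if now < stack.pop():
                    return False
            else:
                raise ValueError(f"unknown opcode {op!r}")
    except IndexError:                     # stack underflow or unbalanced IF
        return False
    return not branch and bool(stack) and bool(stack[-1])

T = 800_000                                # constructed time threshold
PAY_TO_KEY_HASH = ["DUP", "HASH", hashlib.sha256(b"pubB").digest(), "EQUALVERIFY", "CHECKSIG"]
DEPOSIT = ["IF", b"pubA", "CHECKSIG", "VERIFY", b"pubB", "CHECKSIG",
           "ELSE", T, "CHECKLOCKTIME", b"pubA", "CHECKSIG", "ENDIF"]
SIGS = {(b"sigA", b"pubA"), (b"sigB", b"pubB")}   # constructed valid signatures

def spend(unlock, lock, now):
    """Run the redeemer's values followed by the output's condition."""
    return run(unlock + lock, now, SIGS)
```

The script is a single forward pass over the instruction list, so evaluation always terminates, matching the no-loops property stated above.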

Bitcoin Contracts

Bitcoin contracts are protocols that use bitcoin transactions

Transactions and the blockchain provide an appropriate level of security

A substantial part of the contract is run off-chain.

Example: Timed Commitment

Scenario:

  • A wants to choose a secret value that she will reveal by time \(t\) in the future.
  • B wants the guarantee that A will reveal the secret she chose within time \(t\).
  • Actually, if A fails to reveal she will be sanctioned with a certain amount of currency that will be received by B.
  • Applications in gambling and games, where the secret could be the move of a player.

Solution:


Example: Micropayment

Scenario:

  • A wants to make a series of micropayments to B.
  • Using standard Bitcoin payments would result in high fees.
  • They decide to use a sort of smart contract.

Solution:

Initialization: A starts by depositing \(k\) Bitcoins in the blockchain. This deposit can be spent jointly by A and B or only by A after a certain amount of time \(t\).

A can then start making micropayments as follows (where \(v \leq k\) is the amount of the payment):

  • A signs a transaction that spends the deposit, and sends it to B.
  • The transaction has two outputs, one paying \(v\) BTC to B and one paying \(k-v\) BTC to A.
  • B can sign the transaction and append it to the blockchain, closing the payment channel.
  • Otherwise, the payment channel remains open and A can make further payments by signing other transactions with increased value.
  • Eventually, B will redeem or A will reclaim the deposit after time \(t\).

Notice that in the end only two transactions are submitted to the blockchain.
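A simulation of the payment channel described above, as an added example that is not part of the original notes. The `Channel` class and its method names are hypothetical, and HMAC with per-party keys is an assumed stand-in for digital signatures so that the code needs only the standard library.

```python
import hashlib
import hmac

def sign(key, msg):
    # HMAC stands in for a digital signature (assumption of this example)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Channel:
    def __init__(self, k, t, key_a, key_b):
        self.k, self.t, self.key_a, self.key_b = k, t, key_a, key_b
        self.best = None              # B's best (v, sig_a) received off-chain
        self.onchain = ["deposit"]    # transactions appended to the blockchain
        self.spent = False            # has the deposit output been spent?

    def _tx(self, v):
        return f"deposit -> B:{v} A:{self.k - v}".encode()

    def pay(self, v):
        """A signs a transaction giving v in total to B; it travels off-chain."""
        if not 0 < v <= self.k:
            raise ValueError("payment must satisfy 0 < v <= k")
        return v, sign(self.key_a, self._tx(v))

    def receive(self, v, sig_a):
        """B keeps an update only if A's signature verifies and v increased."""
        ok = 0 < v <= self.k and hmac.compare_digest(sig_a, sign(self.key_a, self._tx(v)))
        if ok and (self.best is None or v > self.best[0]):
            self.best = (v, sig_a)
            return True
        return False

    def close(self):
        """B countersigns the best update and publishes it (joint spend)."""
        if self.spent or self.best is None:
            raise RuntimeError("nothing to close")
        v, sig_a = self.best
        sig_b = sign(self.key_b, self._tx(v))
        self.spent = True
        self.onchain.append(("close", v, self.k - v, sig_a, sig_b))
        return v, self.k - v          # (to B, to A)

    def refund(self, now):
        """A alone reclaims the whole deposit, allowed only from time t on."""
        if self.spent or now < self.t:
            raise RuntimeError("deposit spent or time lock not reached")
        self.spent = True
        self.onchain.append(("refund", 0, self.k))
        return 0, self.k
```

The `refund` path shows why B should close before time \(t\): once the time lock expires, A can spend the deposit alone, and any payment transactions B still holds can no longer be redeemed.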