From: 3blue1brown
Understanding Bitcoin: A Ledger-Based Currency
Bitcoin is a fully digital currency not issued by any government, nor managed by banks for accounts or transactions [00:00:07]. It operates on a system of decentralized, trustless verification rooted in cryptography [00:02:11]. To grasp “what it means to have a Bitcoin,” one must understand its underlying technical details [00:00:24].
From Communal Ledgers to Digital Currencies
The foundational concept of Bitcoin can be understood by imagining a communal ledger used by friends to track payments [00:00:36]. Initially, this ledger is public, like a website where anyone can add new lines, and settlements occur monthly [00:02:55].
A key challenge with such a public ledger is preventing unauthorized entries, such as Bob falsely recording “Alice pays Bob $100” without Alice’s approval [00:03:31].
Role of Cryptography and Digital Signatures
This is where digital signatures come into play [00:03:44]. The concept is that Alice can add something to a transaction that proves her approval, making forgery infeasible [00:03:49].
A digital signature system involves:
- Public Key-Private Key Pair: Everyone generates a unique pair, each being a string of bits [00:04:17]. The private (or secret) key (SK) is kept secret, while the public key (PK) is shared [00:04:24].
- Message-Dependent Signatures: Unlike handwritten signatures, a digital signature changes for different messages [00:04:42]. It’s a string of ones and zeros, often 256 bits long [00:04:47]. Even a slight alteration to the message completely changes the signature [00:04:52].
- Signing and Verification: A signature is produced by a function depending on both the message and the private key [00:05:00]. A separate function, using the public key, verifies if a signature is valid [00:05:21]. It is infeasible to find a valid signature without knowing the secret key, as it would require guessing and checking 2 to the power of 256 possible signatures [00:05:42].
To prevent replay attacks (where a valid signed transaction is copied multiple times), each signed transaction must include a unique ID [00:06:42].
From IOUs to “Ledger Dollars”
Initially, the ledger still relies on an honor system for settling up in cash [00:07:24]. To eliminate this need for trust, the system evolves:
- Everyone contributes initial funds to a virtual “pot” recorded on the ledger [00:07:57].
- Transactions are only accepted if the sender has sufficient funds already recorded on the ledger [00:08:09]. This means verifying a transaction requires knowing the full history of transactions [00:08:32].
This crucial step disconnects the ledger from physical currency, allowing the quantities on the ledger to become their own independent currency, termed “ledger dollars” (LD) [00:08:48]. This is the first fundamental point about Bitcoin: it is a ledger, and the history of transactions is the currency [00:09:44].
The Decentralization Challenge: Consensus in a Trustless System
The next challenge is decentralizing the ledger itself, as relying on a central website or authority introduces a point of trust [00:10:13]. The solution is for everyone to keep their own copy of the ledger [00:10:27]. Transactions are then broadcast globally [00:10:32].
The core problem becomes: How can everyone agree on the correct ledger, ensuring that all participants are recording the same transactions in the same order, without a central authority [00:10:49]? This is the problem addressed in the original Bitcoin paper [00:11:38].
Bitcoin’s Solution: Proof of Work and Cryptographic Hash Functions
Bitcoin’s high-level solution is to trust whichever ledger has the most computational work put into it [00:11:44]. This is achieved using cryptographic hash functions [00:11:55].
Cryptographic Hash Functions
A hash function takes any message or file as input and produces a fixed-length string of bits (e.g., 256 bits) as output, called the hash or digest [00:12:30]. Key properties:
- Deterministic but Random-Looking: Always gives the same output for a given input, but the output appears random [00:12:48].
- Sensitive to Input Changes: Even a slight change in the input completely alters the resulting hash [00:12:52].
- One-Way (Infeasible to Reverse): For a cryptographic hash function like SHA256, it’s infeasible to find an input that produces a specific output without guessing and checking [00:13:17]. The amount of computation needed to reverse a 256-bit hash is astronomical (2 to the power of 256) [00:13:35]. While there’s no rigorous proof that it’s hard to compute in reverse, modern security relies on this property [00:14:01].
Proof of Work
A “proof of work” demonstrates that significant computational effort has been expended [00:15:29]. For example, if someone finds a “special number” that, when appended to a list of transactions, makes the SHA256 hash of the entire thing start with 30 zeros, it’s highly probable they went through about a billion guesses (1 in 2^30 chance) [00:14:38]. Once found, this proof is quick to verify [00:15:23]. Crucially, altering any part of the original data invalidates the proof, requiring new extensive computation [00:15:39].
Building the Blockchain
The distributed ledger is organized into “blocks” [00:16:19]. Each block contains:
- A list of transactions [00:16:22].
- A proof of work (a special number causing the block’s hash to start with a certain number of zeros) [00:16:22].
- The hash of the previous block in its header, linking them together [00:16:50]. This chaining means any alteration to a past block requires redoing all subsequent proofs of work [00:17:00]. This structure is why it’s called a blockchain [00:17:22].
Bitcoin Mining and Block Creation
Block creators, also known as “miners,” listen for broadcasted transactions, collect them into a block, and perform “work” to find the special number for the proof of work [00:17:32]. Once found, they broadcast the new block [00:17:46].
Miners are incentivized by a “block reward,” a special transaction at the top of the block where they create new “ledger dollars” out of thin air [00:17:50]. This process is called “mining” because it requires significant work and introduces new currency into the economy [00:18:20]. From a miner’s perspective, each block is a lottery where they guess numbers rapidly until one finds the correct hash [00:18:41].
Decentralized Consensus and Security
The core protocol addition is: if you hear two distinct blockchains with conflicting transaction histories, you defer to the longest one – the one with the most work put into it [00:19:10]. This mechanism allows for decentralized consensus without a central authority [00:19:28].
Trusting a Payment
You shouldn’t immediately trust a new block [00:21:23]. Instead, wait for several more blocks to be added on top of it. If no longer, conflicting chains appear, you can then be confident that the block is part of the chain everyone else is using [00:21:29].
To fool someone with a fraudulent block, an attacker would need to consistently find proofs of work faster than all other miners combined to maintain a longer chain [00:20:07]. Unless they control close to 50% of the network’s computing resources, the probability of the legitimate chain growing faster is overwhelming [00:20:58]. This ensures the integrity of the system.
Bitcoin Specifics and Transaction Fees
The Bitcoin protocol dynamically adjusts the difficulty of finding a proof of work (the number of leading zeros required in the hash) so that a new block is found, on average, every 10 minutes [00:22:03].
All Bitcoin currency originates from block rewards [00:22:28]. Initially, the reward was 50 Bitcoin per block. This reward is halved approximately every four years (or every 210,000 blocks) [00:22:49]. Currently, the reward is 12.5 Bitcoin per block [00:22:56]. Due to this geometric decrease, there will never be more than 21 million Bitcoin in existence [00:23:00].
Miners also earn money from transaction fees [00:23:13]. Users can optionally include a fee with their payment, which goes to the miner who includes that transaction in a block [00:23:18]. This incentivizes miners to include transactions, especially given that each Bitcoin block is limited to about 2400 transactions [00:23:36]. This block size limit contributes to higher transaction fees and slower processing compared to traditional payment systems like Visa [00:23:56].