May 20, 2023
Bitcoins are created through a process called mining, which involves competing to find solutions to a mathematical problem while processing bitcoin transactions. What is that mathematical problem?
Participants or miners, who use the bitcoin stack to run the bitcoin network on their machine, use their computer’s processing power to verify and record transactions. Every 10 minutes, on average, a bitcoin miner is able to validate the transaction of the past 10 minutes and is rewarded with brand new bitcoin. How is this helpful? This mining thing decentralizes the currency-issuance and clearing functions of a central bank and replaces the need for any central bank (RBI). No single authority has the power to print money in any way they wish.
So, what would happen if we mined all the bitcoins? How will miners get incentivized to keep running their node? The miners will be incentivized with the fees alone. The process of mining bitcoins involves halving the block reward approximately every four years. Based on this information, it is estimated that the last bitcoin will be mined around the year 2140.
Bitcoin represents the culmination of decades of research in cryptography and distributed systems and includes four key innovations brought together in a unique and powerful combination. Bitcoin consists of:
The key innovation was to use a distributed computation system (called Proof-Of-Work) to conduct a global “election” every 10 minutes, allowing the decentralized network to arrive at consensus about the state of transactions.
A bitcoin wallet is the most common user interface to the bitcoin system, just like a web browser is the most common user interface for the HTTP protocol.
Bitcoin addresses start with a 1 or 3. There is nothing sensitive, from a security perspective, about the bitcoin address. A wallet is simply a collection of addresses and the keys that unlock the funds within.Only once it has been associated with a transaction does it become part of the known addresses in the network.
Transactions move value from transaction input to transaction outputs. An input is a reference to a previous transaction’s output, showing where the value is coming from. A transaction output directs a specific value to a new owner’s bitcoin address and can include a change output, back to the original owner.
When Alice initiates a transaction to Bob, it contains a script that says something like, “This output is payable to whoever can present a signature from the key corresponding to Bob’s public address”. Because only Bob has the wallet with the keys corresponding to that address, only Bob’s wallet can present such a signature to redeem this output.How does this transaction become a part of a new block and how the block is mined?
The algorithm for Proof-Of-Work involves repeatedly hashing the header of the block and a random number with the SHA256 cryptographic algorithm until a solution matching a predetermined pattern emerges. The first miner to find a solution wins the round of competition and publishes that block into the blockchain.
When Alice's transaction is validated by the mining software, it is included in a candidate block. Miners in the mining pool compute Proof-of-Work for the candidate block. If a miner finds the solution, they announce it to the network. Once the winning block is validated by other miners, they compete to generate the next block
BIP stands for Bitcoin Improvement Proposal
1$ bitcoind -printtoconsole
2Bitcoin version v0.15.0
3InitParameterInteraction: parameter interaction: -
4whitelistforcerelay=1 -> setting -whitelistrelay=1
5Assuming ancestors of block
7have valid signatures.
8Using the 'standard' SHA256 implementation
9Default data directory /home/ubuntu/.bitcoin
10Using data directory /lotsofspace/.bitcoin
11Using config file /home/ubuntu/.bitcoin/bitcoin.conf
12Using at most 125 automatic connections (1048576 file descriptors
14Using 16 MiB out of 32/2 requested for signature cache, able to
15store 524288 elements
16Using 16 MiB out of 32/2 requested for script execution cache,
17able to store 524288 elements
18Using 2 threads for script verification
19HTTP: creating work queue of depth 16
20No rpcpassword set - using random cookie authentication
21Generated RPC authentication cookie /lotsofspace/.bitcoin/.cookie
22HTTP: starting 4 worker threads
23init message: Verifying wallet(s)...
24Using BerkeleyDB version Berkeley DB 4.8.30: (April 9, 2010)
25Using wallet wallet.dat
28scheduler thread start
30* Using 250.0MiB for block index database
31* Using 8.0MiB for chain state database
32* Using 1742.0MiB for in-memory UTXO set (plus up to 286.1MiB of
33unused mempool space)
34init message: Loading block index...
35Opening LevelDB in /lotsofspace/.bitcoin/blocks/index
36Opened LevelDB successfully
37[... more startup messages ...]
A transaction ID is not authoritative until the transaction is confirmed. The absence of a transaction hash in the blockchain doesn't mean it wasn't processed. This is called transaction malleability, where transaction hashes can be modified before confirmation. Once confirmed, the txid becomes immutable and authoritative.
Bitcoin uses elliptic curve multiplication as the basis for its cryptography. The public key is used to receive funds, and the private key is used to sign transactions to spend the funds. The private key (k), a random number, is used to generate a public key (K) through elliptic curve multiplication. The public key (K) is then transformed into a bitcoin address (A) using a cryptographic hash function.Why use Asymmetric Cryptography (Public/Private Keys)?
It’s not used to encrypt the transactions. Rather, the useful property of asymmetric cryptography is the ability to generate digital signatures. private key + transaction fingerprint = digital signature. Anyone with access to the public key and the transaction fingerprint can use them to verify the signature.How to generate a private key?
Most important step in generating keys is to find a secure source of entropy, or randomness. The private key can be any number between 1 and n - 1, where n is a constant (n = 1.158 * 1077, < 2256) defined as the order of the elliptic curve.
The size of bitcoin’s private key space, (2256) is an unfathomably large number. It is approximately 1077 in decimal. For comparison,the visible universe is estimated to contain 1080atoms.
It is 256 bits, shown as 64 hexadecimal digits, each 4 bits.How to generate a public key?
The public key (K) is obtained through irreversible elliptic curve multiplication: K = k * G. Here, k represents the private key, G is a constant generator point, and K is the resulting public key. The reverse operation, finding the private key (k) given the public key (K), known as "finding the discrete logarithm," is as challenging as a brute-force search through all possible values of k.
y2 % p = (x3 + 7) % p
The % p (modulo prime number p) indicates that this curve is over a finite field of prime order p, also written as ኀp, where p = 2256 – 232 – 29 – 28 – 27 – 26 – 24 – 1, a very large prime number. The following is a point P with coordinates (x,y) that is a point on the secp256k1 curve:
1 P = ( 55066263022277343669578718895168534326250603453777594175500187360389116729240,
Implementing the elliptic curve multiplication, we take the private key k generated previously and multiply it with the generator point G to find the public key K:
K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G Public key K is defined as a point K = (x, y): K = (x, y), where x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
1 A = RIPEMD160(SHA256(K))
Where K is the public key and A is the resulting bitcoin address. Bitcoin addresses are almost always encoded as “Base58Check”, which uses 58 characters and a checksum to help human readability. Base59 is a text-based binary-encoding format developed for use in bitcoin and used in many other cryptocurrencies. Base58 is Base64 without 0 (zero), O (capital o), l (lower L), I (capital i), and the symbols +, and /.
To convert data into a Base58Check format, we first add a prefix to the data, called the “version type”. For, e.g., in the case of bitcoin address the prefix is zero (0x00 in hex), whereas the prefix used when encoding a private key is 128 (0x80).
Now, we compute the “double-SHA” checksum.
checksum = SHA256(SHA256(prefix + data))
This gives us a 32-byte hash, we take only the first four bytes. These four bytes serve as the error-checking code, or checksum. The checksum is concatenated to the end. Thus, the result is composed of three items: a prefix, the data, and a checksum. Then it is encoded using the Base58 alphabet.
|Base58 Result Prefix
|Bitcoin Testnet Address
|m or n
|Private Key WIF
|5, K or L
|BIP-32 Extended Public Key
BIP-38 proposes a common standard for encrypting private keys with a passphrase and encoding them with Base58Check so that they can be stored securely on backup media, transported securely between wallets, or kept in any other conditions where the key might be exposed. The standard for encryption uses the Advanced Encryption Standard (AES). The result of the BIP-38 encryption scheme is a Base58Check-encoded encrypted private key that begins with the prefix 6P.
A common misconception about bitcoin is that bitcoin wallets contain bitcoin. In fact, the wallet contains only keys. The “Coins” are recorded in the blockchain on the bitcoin network. In a sense, a bitcoin wallet is a keychain.
There are two primary types of wallets, distinguished by whether the keys they contain are related to each other or not.
How to generate the mnemonic words?
The wallet starts from a source of entropy, adds a checksum, and then maps the entropy to a word list:
|BIP-39 English Word List (2048) Words
|000 0000 0000
|000 0011 0000
|111 1111 1111
Mnemonic words, typically 12 to 24 in length, represent entropy ranging from 128 to 256 bits. This entropy is utilized to generate a 512-bit seed using the key-stretching function PBKDF2. The resulting seed is then employed to construct a deterministic wallet and derive its keys.
What is an extended key and how to use it?
Subscribe to the newsletter to learn more about the decentralized web, AI and technology.