Analysis of the functioning of the Bitcoin blockchain
By Inkarias - 2020-11-08
Often presented as a groundbreaking technology for the financial sector, the Bitcoin blockchain is above all a time-stamped accounting register of all transactions carried out on the network since its creation. In the original Bitcoin whitepaper of 2008, Satoshi Nakamoto does not speak of a blockchain directly but of a timestamp server. The term blockchain appeared later, probably because it is more visual and more meaningful: a chain of blocks containing transactions, one after the other. The timestamp is nevertheless essential to understanding how Bitcoin can dispense with a central control body to secure the network, and in particular how it avoids double spending in the ecosystem. Originally, when Satoshi Nakamoto imagined and designed his vision of BTC, his goal was to create a digital, peer-to-peer transactional system similar to real cash.
In a few words, before going deeper into the technical side of Bitcoin: the function of the blockchain is to maintain the accounting of transactions carried out on the network while being impossible to falsify and while preventing double spending. Until then, the only existing solution to avoid double spending within a digital payment network was to centralize the keeping of the accounting register with a trusted third party. To do without one, this digital ledger is replicated on all the nodes of the Bitcoin network (we speak of distributed ledger technology) and is presented in the form of blocks linked to each other by a cryptographic process. Cryptocurrencies are only one example of what can be built on top of distributed ledger technology, commonly called DLT.
The different Bitcoin blockchain mechanisms
A protocol to maintain integrity: Byzantine Fault Tolerance
In order to decentralize the maintenance of the accounting register and the creation of the currency units of the Bitcoin network, Satoshi Nakamoto sought a robust solution to the famous Byzantine fault tolerance problem.
This technical aspect is quite easy to explain if we compare it to a war zone:
Imagine a city besieged by several army corps, each led by its own general. The generals can only communicate through messengers travelling on horseback, and they must agree on the time and modalities of the final attack: it can only succeed if the troops agree perfectly and attack in a coordinated fashion. The problem is that among the generals, as among their messengers, there are unidentified traitors who will try to distort the information.
The important factor is then to find a method of maintaining consensus between the loyal generals. Extrapolated to our subject, in computer science it is a matter of ensuring that within a network of machines a sufficient majority continues to follow the correct operating protocol despite the possible presence of faulty elements. In the case of the Bitcoin network, this means ensuring that all nodes maintain the monetary accounting of the system by following a set of common rules (the consensus), while protecting themselves from various attacks or outages.
The proof-of-work consensus, mining and hashing functions
The proof-of-work algorithm, also called the Nakamoto consensus algorithm, is the first solution found to the Byzantine generals problem. It ensures that the Bitcoin network maintains a consensus around its reference ledger even in the presence of 50% of malicious actors, compared to 33% for traditional protocols. PoW mining is both the process by which money is created on the Bitcoin network and the economic incentive mechanism that has secured the network through the years. There is a reward, the bitcoins created each time a block is added to the chain, which is distributed in a random fashion to the miner (or group of miners) who has proven to the entire network that it has expended enough energy to ensure its operation and safety. We speak of a "coinbase transaction": the reward in bitcoins appears directly at the address of the winning miner. It is halved every four years, creating a deflationary issuance model that imitates the extraction of a precious metal such as gold. Technically speaking, what the miner actually does is repeatedly hash candidate blocks with its computing power until one hash meets the required target, which earns the reward. Because of this design and the cost of mining, attacking the network is very expensive, and it is therefore more profitable to secure it for the long term.
Finally, hash functions are mathematical functions that transform a number or a character string of arbitrary size into an image (a number or string) of fixed size. They are one-way: knowing their result, the hash, it is infeasible to go back to the original data.
Asymmetric cryptography and UTXO model
Symmetric cryptography is a secure encryption principle: a message is encrypted using a secret key held by the sender and the receiver. To decipher the message, it is enough to know this key. Asymmetric cryptography works using two keys: a public key and a private key. The public key is the encryption key: anyone with it can encrypt a message, but only the owner of the associated private key can decrypt it. In the case of Bitcoin, the issuer of a transaction signs the transaction with their private key, and once broadcast on the network, anyone can verify that the signature is valid using the issuer's public key.
The second important aspect of the BTC blockchain is the UTXO model and how it protects users' funds and the security of the network at the same time. The state of the Bitcoin blockchain at a given time is a set of "unspent outputs" (UTXO, for Unspent Transaction Output). Each Bitcoin address has a balance, which is the sum of the outputs that transactions from other addresses have paid to that address and that have not yet been spent. A Bitcoin transaction therefore aims to modify the balance of an address by consuming the UTXOs of one or more addresses. In order to be valid, it must be signed by the owner of the private key associated with the input address (or addresses). It is possible to create consecutive transactions, signed or not, and to distribute them as you wish on the network. However, double spending is prohibited: while it is quite possible to create several transactions that each spend the same coins present on an address, only one of them will be validated by the network.
SegWit, or Segregated Witness, is a backward-compatible upgrade of the Bitcoin protocol that fundamentally changes the structure of transactions by moving the signature data (the witness) to a separate structure (segregated). Its primary purpose is to correct transaction malleability, but it also helps increase Bitcoin's transactional capacity, improve signature verification, and facilitate future protocol changes.
In the Bitcoin blockchain, every transaction has an identifier (txid) represented as a string of hexadecimal characters. For example, the identifier of the first transaction made between Satoshi Nakamoto and Hal Finney is the string f4184fc596403b9d638783cf57adfe4c75c605f6356fbc91338530e9831e9e16.
This identifier is a fingerprint of the transaction, that is to say the result of applying a hash function to the transaction. It therefore depends on the elements present in the transaction (inputs, outputs and other data): if one of these elements is modified, the identifier changes completely. In Bitcoin, classic transactions are malleable, that is to say it is possible to change their identifier without invalidating them. This is possible because the signatures that validate the transaction do not cover all of its data. Indeed, the transaction is first constructed without the signatures, it is then signed, and finally the signatures are added to it. Two types of malleability can be distinguished:
The intrinsic malleability of the signature algorithm itself (ECDSA). It uses a random number to produce a signature: it is therefore enough to produce a signature with another random number to change the identifier of the transaction. Obviously, only the signatory can carry out this type of manipulation.
The malleability coming from the unlocking scripts (scriptSig), which contain the signatures and which actually unlock the funds present at an address. Indeed, it is possible to produce several different, fully valid scripts for the same transaction. This means that anyone can modify the identifier of a transaction before it is included in a block: this is called third-party malleability.
After introducing these technical terms, which are important for understanding the operation of the Bitcoin blockchain and its associated protocols, we can now follow the progress of a Bitcoin transaction from an ordinary wallet and the different steps that take place during the operation.
The lifecycle of a Bitcoin transaction
Step 1 – A bitcoin wallet is created from both public and private keys
A crypto address is derived from a public key through a cryptographic hashing process. To fully understand how the Bitcoin protocol works, it is essential to have an idea of what cryptographic hashing is and how it works. This system is indeed central, since it is used at several levels of the circulation cycle of a bitcoin: to obtain an address, in Bitcoin Script, and in the "proof of work" carried out by miners. The diagram below shows the process of creating the address from the input data, namely the public and private keys. This is why one of the well-known rules of this world is summed up by the sentence: "not your keys, not your coins".
If we compare payment with bitcoins to payment by bank card in a store, the public key corresponds to your bank card number, the one that identifies you and that you can transmit without too much risk, and the private key corresponds to your secret code, which allows you to validate the payment and which you must not disclose. When you download a wallet to hold your bitcoins, the private and public keys do not appear, but are automatically generated by the wallet, along with your bitcoin address. You will only access and share your Bitcoin Address. As shown in the diagram above, the Bitcoin Address is obtained by applying a double hash (SHA256 then RIPEMD160) to the public key to obtain what is called the "Public Key Hash" (20 bytes / 160 bits). This is then encoded using the Base58Check scheme to obtain the definitive Bitcoin Address.
The hashing algorithm here is a mathematical formula applied to a variable amount of data (the "input") in order to transform it into a fixed-size digital fingerprint of that data (the "output"). In the case of the SHA256 algorithm, the output is always 256 bits. Hashing is used in many areas other than bitcoin to easily verify that the initial data (the "input") has not been changed. With this system, two different inputs cannot in practice give an identical output. It is also important to remember that the hashing algorithm only works in one direction: the input cannot be recovered from the output.
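As an added example (not code from the original article), here is the Base58Check step of the address construction above in Python: the version byte and the 20-byte Public Key Hash are extended with a 4-byte checksum taken from a double SHA256 and then written in the Base58 alphabet; the decoder shows why a mistyped address is rejected instead of silently locking funds to the wrong key. The Public Key Hash used at the bottom is a constructed value, and the SHA256/RIPEMD160 step is assumed to have been done already.

```python
import hashlib

# Bitcoin's Base58 alphabet: no 0, O, I or l, which are easy to confuse when typed
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def double_sha256(data: bytes) -> bytes:
    """SHA256 applied twice; the first 4 bytes of the result serve as the address checksum."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def base58check_encode(version: int, payload: bytes) -> str:
    """version byte + payload + 4-byte checksum, then Base58 (each leading 0x00 byte -> '1')."""
    raw = bytes([version]) + payload
    raw += double_sha256(raw)[:4]
    n = int.from_bytes(raw, "big")
    digits = ""
    while n > 0:
        n, rem = divmod(n, 58)
        digits = ALPHABET[rem] + digits
    # leading zero bytes carry no weight in the integer, so they are restored as '1's
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + digits

def base58check_decode(addr: str) -> tuple:
    """Reverse of the above; raises ValueError when the checksum does not match."""
    n = 0
    for ch in addr:
        if ch not in ALPHABET:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + ALPHABET.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5:
        raise ValueError("too short to hold a version byte and a checksum")
    body, checksum = raw[:-4], raw[-4:]
    if double_sha256(body)[:4] != checksum:
        raise ValueError("checksum mismatch: the address was mistyped or corrupted")
    return body[0], body[1:]

def is_valid_address(addr: str) -> bool:
    """The check a wallet runs on a pasted address before locking funds to it."""
    try:
        base58check_decode(addr)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    # constructed 20-byte Public Key Hash (not derived from a real key); 0x00 is the mainnet P2PKH version byte
    print(base58check_encode(0x00, bytes(range(20))))
```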
Step 2 – Transaction creation with existing data
Person A wants to transfer bitcoin to person B. At this point, A and B both have a wallet and therefore each have a private/public key pair and a bitcoin address. B shares his public key, encoded in the form of a Bitcoin Address, with A. This Bitcoin Address can be shared with anyone by any means, whether by email or QR code.
Upon receipt, A's wallet will include the information from this address in the transaction it creates, so that B can later prove with his private key that the transaction was intended for him. Transactions are linked to each other in the blockchain: the output of a transaction, which includes the amount A wishes to transfer to B and B's address information, becomes the input of the next transaction. It is important to note that a wallet is able to combine the outputs of several transactions received in the past in order to send the exact amount wanted. The SegWit feature may also be used for transactions and signatures on the blockchain.
In practice, person A's wallet transforms the Bitcoin Address back into a "Public Key Hash" to create the transaction. The "Public Key Hash" was originally created by B and is therefore derived from his public key, itself tied to his private key. This is essential, because B will be using his private key to claim the payment.
A will use B's "Public Key Hash" to create a "PubKey Script". The "PubKey Script" can be understood as a combination lock that can only be opened by lining up the correct 3 or 4 numbers. The combination is contained in what is called the "Signature Script", which is built from the private and public keys that B must provide in order to spend the funds, for example to create a new transaction.
A therefore builds a transaction from an existing transaction by following these steps:
Using its own private and public keys, A creates a "Signature Script" in the Input of the version 2 transaction and thus unlocks the Output of the version 1 transaction. In other words, A's "Signature Script" (that of version 2) is the code required by the "PubKey Script" (that of version 1), which had been created from A's Bitcoin Address.
Creation of a new "Output" by A: A can now include the amount of bitcoin present in the Output of transaction (1) in the Output of transaction (2) and close it with the "PubKey Script" padlock created from B's Bitcoin Address. Only B will then be able to open the lock and spend the Output by creating a transaction in turn, following exactly the same process.
The transaction is then sent to the bitcoin network, and the miners determine whether the code used by A (the "Signature Script") opens the padlock of the previous Output (the "PubKey Script" of transaction version 1). If so, the transaction is added to the blockchain and B can access the funds.
Step 3 – Transaction broadcast and validation by miners
Bitcoin mining is a central process in the functioning of the system. In this way, a new block is added to the blockchain every 10 minutes. For each block created on the network, miners must perform several actions:
Check if the transactions sent over the network are correct
Assemble them in a block
Calculate the hash of the “header” of this block by carrying out the POW model
If it is accepted by the rest of the network, the block is added to the blockchain and the miner gets the corresponding reward (coinbase + the fees attached to each transaction). Even if the process seems quite simple in these few lines, the technical process is a bit harder to understand:
1. Miners check the validity of the transactions they receive, grouping them in the memory pool until there are enough to add to a block. These checks aim to determine whether the transactions have been constructed in accordance with the rules of the Bitcoin protocol: the existence of sufficient outputs to fund the transaction, an unlocking script matching the locking script, or, more simply, that the transaction syntax is correct. The "Memory Pool" we are referring to should not be confused with "Mining Pools", which are groups of miners who combine their computing power to try to win the race of block creation.
2. At the same time, the miner assembles a block composed of two parts: a head ("Header"), which stores information about the block under construction, and a body ("Body"), which contains all the transactions of the block organized as a "Merkle tree".
Merkle Tree: the Merkle tree is a method of structuring data for easier access and for verifying its integrity more quickly. As you may have guessed, the name comes from the fact that this method organizes the data by grouping it in pairs, giving the shape of an inverted tree. Indeed, the transactions are grouped in pairs and a hash is applied to each pair. The resulting hashes are then grouped in pairs and subjected to the same process, until a last hash remains, the root ("Merkle Root"), which is stored as a reference in the "Header" of the block.
This organization of transactions within a block allows miners, when checking new transactions, to go back very quickly to the last transaction concerned and thus check whether there is indeed an output of an amount greater than the one that must be spent in the new transaction.
Step 4 – Validation by miners and submission to the network
The miners then validate the hash via the header included in the block and via the PoW process, which makes it possible to communicate to the entire network before submitting the addition of the block to the whole Bitcoin blockchain. In technical terms, miners solve a costly cryptographic puzzle to encapsulate this transaction in a new block before disseminating this block to other miners.
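An added example, not part of the original article, that builds the Merkle root the way Bitcoin does (double SHA256 over pairs, an odd last node paired with a copy of itself) and then produces and checks the inclusion proof for one transaction, which is the quick verification the passage refers to. The txids are constructed values in internal byte order; block explorers display them byte-reversed.

```python
import hashlib

def dsha256(data: bytes) -> bytes:
    """Bitcoin hashes Merkle nodes with SHA256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def _next_level(level: list) -> list:
    """One round: an odd last node is paired with a copy of itself, then each pair is hashed."""
    if len(level) % 2 == 1:
        level = level + [level[-1]]
    return [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(txids: list) -> bytes:
    """Hash pairs repeatedly until one hash remains; with a single transaction
    (a block holding only the coinbase) the root is that txid itself."""
    if not txids:
        raise ValueError("a block always contains at least the coinbase transaction")
    level = list(txids)
    while len(level) > 1:
        level = _next_level(level)
    return level[0]

def merkle_proof(txids: list, index: int) -> list:
    """Sibling hashes from the leaf up to the root, each tagged with whether it sits on
    the right. This is the path a light client needs to check one transaction's inclusion."""
    proof, level = [], list(txids)
    while len(level) > 1:
        if len(level) % 2 == 1:
            level = level + [level[-1]]
        sibling = index ^ 1
        proof.append((level[sibling], sibling > index))
        level, index = _next_level(level), index // 2
    return proof

def verify_proof(txid: bytes, proof: list, root: bytes) -> bool:
    """Recompute the path to the root: log2(n) hashes instead of re-hashing the whole block."""
    h = txid
    for sibling, on_right in proof:
        h = dsha256(h + sibling) if on_right else dsha256(sibling + h)
    return h == root

if __name__ == "__main__":
    txids = [dsha256(b"constructed tx %d" % i) for i in range(5)]  # constructed, not real txids
    root = merkle_root(txids)
    print(root[::-1].hex(), verify_proof(txids[3], merkle_proof(txids, 3), root))
```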
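As an added example (not code from the article) covering the proof-of-work mechanism described earlier and the header hashing of Steps 3 and 4: the 80-byte block header is built, double SHA256 is applied, and the nonce is searched until the hash falls under the target expanded from the compact "bits" field. The previous hash, Merkle root and timestamp are constructed, and the target used is far easier than mainnet so that the search finishes quickly.

```python
import hashlib
import struct

def dsha256(data: bytes) -> bytes:
    """Block headers are hashed with SHA256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def bits_to_target(bits: int) -> int:
    """Expand the compact 'bits' header field into the 256-bit target:
    target = mantissa * 256^(exponent - 3)."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def block_header(version: int, prev_hash: bytes, merkle_root: bytes,
                 timestamp: int, bits: int, nonce: int) -> bytes:
    """The 80-byte header that is actually hashed; integer fields are little-endian."""
    return struct.pack("<I32s32sIII", version, prev_hash, merkle_root, timestamp, bits, nonce)

def header_meets_target(header: bytes, target: int) -> bool:
    """The proof is valid when the header hash, read as a little-endian integer, is <= target."""
    return int.from_bytes(dsha256(header), "little") <= target

def mine(version: int, prev_hash: bytes, merkle_root: bytes, timestamp: int,
         bits: int, max_nonce: int = 2**32):
    """Brute-force the nonce; returns (nonce, hash) or None when the range is exhausted
    (a real miner then changes the timestamp or the coinbase to get a fresh header)."""
    target = bits_to_target(bits)
    for nonce in range(max_nonce):
        header = block_header(version, prev_hash, merkle_root, timestamp, bits, nonce)
        if header_meets_target(header, target):
            return nonce, dsha256(header)
    return None

if __name__ == "__main__":
    # constructed inputs: an all-zero previous hash and a made-up Merkle root
    prev, root = bytes(32), hashlib.sha256(b"constructed merkle root").digest()
    nonce, h = mine(1, prev, root, 1604793600, 0x1F7FFFFF)  # easy target, far below mainnet
    print(nonce, h[::-1].hex())  # hash shown byte-reversed, as block explorers display it
```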