Bitcoin for the Befuddled is an introduction to the Bitcoin cryptocurrency.
I found Bitcoin for the Befuddled an informative book, with good explanations of the Bitcoin concepts. And because one of the authors is also a cartoonist, there are many cartoons. However, sometimes it felt too childish to me, especially the last chapter about Bitcoin in the year 2030. As the book was published in late 2014, some of the websites and tools mentioned no longer exist.
What Is Bitcoin
In the simplest terms, Bitcoin is just another currency. The term Bitcoin refers to the entire currency system, whereas bitcoins are the basic units of the currency.
[...] Bitcoin is the world's first currency that is both digital and decentralized.
Bitcoin is not a company, nor does a single person or organization issue or control bitcoins; therefore, it has no central point of failure. For this reason, nobody can inflate the currency supply and create hyperinflation crises [...].
Bitcoin is an inherently international currency; anyone can send bitcoins to anyone else in the world, in any amount, almost instantly.
In the Bitcoin system, everyone cooperates to keep track of everyone else's money, and [...] no central authority (e.g., bank or government) is involved.
Although the total currency supply is capped at 21 million bitcoins, each one can be subdivided into smaller denominations; for example, 0.1 bitcoins and 0.001 bitcoins. The smallest unit, a hundred millionth of a bitcoin (0.00000001 bitcoins), is called a satoshi in honor of Satoshi Nakamoto.
Rather than writing the term bitcoins on price tags, merchants commonly use the abbreviated currency code BTC or XBT; 5 bitcoins would be written as 5 BTC. Despite the fact that the BTC abbreviation has been widely used since the beginning of Bitcoin's development, more recently some merchants and websites have started using XBT because it conforms better to certain international naming standards.
As bitcoins have appreciated in value, it has become increasingly common to work with thousandths or even millionths of bitcoins, which are called millibitcoins (mBTC) and microbitcoins (µBTC), respectively. Many people have suggested simpler names for Bitcoin's smaller denominations, and one that has gained traction is referring to microbitcoins (quite a mouthful) as simply bits.
Bitcoin uses a public ledger that indicates the number of bitcoins and their owners at any given time. But instead of associating names of people with accounts, the ledger only lists Bitcoin addresses.
To send bitcoins to others (e.g., an online merchant, a friend, or a family member), you only need to know their Bitcoin address. In turn, when you share your address with others, they can send you bitcoins.
Because Bitcoin addresses are cumbersome to type, many people use quick response (QR) codes to represent their address.
Because all transactions on the Bitcoin ledger are public information, maintaining privacy (if that is desired) can be a challenge. Although no personal information is on the ledger, if you share your Bitcoin address with your friends or post it in a public place that others can associate with your identity, your Bitcoin balance at that address will be known to everyone (including all incoming and outgoing transactions). To enhance your privacy, you can use many Bitcoin addresses but publicly share only some of them.
As with Bitcoin addresses, QR codes are often used to represent private keys because of their length. Each private key is paired with a single Bitcoin address and is able to unlock the bitcoins at that address (i.e., move them elsewhere).
[...] if you lose the private key to an address in which you've stored bitcoins, those bitcoins will remain locked in that address forever.
A Bitcoin wallet is a collection of addresses and private keys owned by one person.
To manage several addresses and private keys, people use Bitcoin wallet programs. Whereas a Bitcoin wallet is an abstract concept, referring to a group of Bitcoin addresses, a wallet program is a concrete tool that helps users with common Bitcoin tasks, such as creating new Bitcoin addresses, sending bitcoins to others, backing up private keys, and many others.
All Bitcoin transactions are recorded into the blockchain. [...] The reason for its name is that new transactions are appended to the ledger in large chunks, or blocks. Whenever a new Bitcoin transaction is broadcast to the network, computers on the network add it to a growing pool of other new transactions. Then, about every 10 minutes, the transactions in that pool are bundled into a block and added to the blockchain.
The thousands of computers on the Bitcoin network that collect transactions and add them to the blockchain are called miners.
A transaction confirmation is a common concept in Bitcoin. Some online merchants that accept bitcoins may require one or more transaction confirmations before delivering their good or service. Every transaction exists in some block on the blockchain. The blocks behind it are older, and the blocks ahead of it are newer. The position of a block relative to the tip of the blockchain is known as the block depth. The most recently added block has a depth of 1, the block behind it has a depth of 2, and so on. The number of confirmations a transaction has is equal to the depth of its block.
Bitcoin mining is the competitive process of collecting transactions and adding them to the blockchain in the form of blocks.
The mining reward for finding a block has two components: The first part is transaction fees. When you send bitcoins to someone, a small amount of additional bitcoins is added as a transaction fee. [...] The second component of the reward is a certain number of newly minted bitcoins. The number of newly minted bitcoins that is provided as a reward diminishes gradually over time.
Storing Your Bitcoins Safely, Securely, and Conveniently
You (and only you) know your private key, so wherever you store this key is where your bitcoins are. Consequently, storing your bitcoins really means storing your private key.
Bitcoin storage methods are often distinguished by whether they are hot or cold, depending on whether or not the private keys are stored on Internet-connected devices. Hot storage refers to private keys that are stored on an online device or computer. Cold storage refers to private keys that are not accessible via the Internet.
Because sending bitcoins requires a private key and an Internet connection, hot wallets are more convenient to use, but cold storage methods are more secure and better suited for long-term bitcoin storage.
With a personal wallet, you and only you know the private keys. [...] Alternatively, with a hosted wallet, a third party knows your private keys and doesn't reveal them to you, but the company will send, receive, and store bitcoins on your behalf [...]. Some companies also offer software as a service. In this case, they host the wallet software on their servers but not the private keys. [...] We refer to such services as online personal wallets because the private keys are not hosted.
[...] online hosted wallet services are popular because they tend to be easy to use, and users don't typically need to know about Bitcoin's inner workings. [...] Although the bitcoins are yours, they are not directly in your possession (because you do not have access to the private keys). If the wallet service provider goes bankrupt, for example, you may lose your bitcoins.
[...] note that hosted wallets offer the least amount of privacy when you use bitcoins, because the provider knows who you are, the number of bitcoins you have, and all of your incoming and outgoing transactions.
Online personal wallets [...] look and behave much like hosted wallets but with a key difference. These wallet services provide you with the tools to send and receive bitcoins, but they don't know your private key. Instead, once the website loads locally on your device (i.e., it is no longer communicating with a distant web server), you generate your private keys from a password you type in. Whenever you send someone bitcoins, a signed transaction is sent to the web server, but your password (and hence your private keys) never leave your device.
[...] a personal hot wallet is a software program that runs on a device you own. Because no third party is needed to operate a personal hot wallet, using one maintains the spirit of decentralization that underpins Bitcoin. These programs give you complete control over your bitcoins without sacrificing convenience. However, an even greater responsibility is placed on you than if you use an online wallet service. Your private keys are saved on the same device that connects to the Internet and communicates with the Bitcoin network (the defining feature of a hot wallet); therefore, you need to be vigilant about protecting your device from malware, viruses, and other hacking attempts that could lead to theft.
Using a paper wallet is perhaps one of the simplest and most popular cold storage methods. This involves generating a Bitcoin address and private key on an offline computer and then writing both down on a piece of paper but not saving a copy of the information on the computer itself. You can then store the piece of paper in a file cabinet, a personal safe, or in a safety deposit box at a bank. With the piece of paper safely locked away, you can continue sending bitcoins to the associated Bitcoin address for safekeeping.
Your bitcoins are only as safe as the least secure method by which you store your private keys.
The safest way to make a duplicate of your paper wallet, which is recommended, is to clearly handwrite a few extra copies and store those copies securely.
The encrypted paper wallet method was invented to further improve the security of the paper wallet method. Essentially, instead of writing down the private key on a piece of paper, you write down an encrypted version of it. The only way to decrypt your private key is with a password you choose, preventing thieves from accessing your private key and your bitcoins.
As with ordinary paper wallets, make backup copies of the encrypted paper wallet to protect against flooding, fires, or theft. Always assume that your wallet is unsafe to ensure you are being vigilant about safety.
Offline transaction signing is the entry-level security method for Bitcoin businesses or serious users who regularly handle large amounts of bitcoins. This method requires two computers [...]. One computer has a personal hot wallet [...] but the private keys are omitted. Therefore [...] you will be asked to perform an extra authorization step using a second computer, which contains the private keys and is not connected to the Internet. This second offline computer also has a Bitcoin wallet program installed and only functions to authorize, or digitally sign, the transaction. You use the offline computer to create a file that contains the digitally signed transaction, which you then copy to the online computer and broadcast to the Bitcoin network.
Fragmented private keys and multi-signature addresses involve splitting into pieces the information required to spend bitcoins and storing them in disparate geographic locations. Both techniques achieve extremely high levels of Bitcoin storage security and safety.
Using a cryptographic trick known as secret sharing, a Bitcoin private key can be divided into many fragments, and only a certain number are required to reconstruct the key. This is sometimes referred to as an "m of n" private key, where m and n stand for the necessary and available number of fragments.
Using multi-signature addresses, or multiple private keys, as opposed to using a single private key in multiple pieces, also provides a similar level of highly secure storage. Bitcoins are stored in an address that requires more than one private key to use them.
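The "m of n" fragmenting of a single private key described above can be shown concretely with Shamir's secret sharing; this is an added example written for this summary, not code from the book. It assumes the fragments are points on a random polynomial over a prime field, using the secp256k1 group order as the field prime (every valid Bitcoin private key is smaller than it).

```python
import secrets

# Field prime: the secp256k1 group order. Every valid Bitcoin private key is below it,
# so a key can be treated directly as a field element.
FIELD_PRIME = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def split_key(private_key: int, m: int, n: int) -> list:
    """Split private_key into n fragments of which any m rebuild it (Shamir's scheme).

    The key becomes the constant term of a random degree-(m-1) polynomial over the field;
    fragment i is the point (i, f(i)). Fewer than m points leave the constant term undetermined.
    """
    if not (1 < m <= n) or not (0 < private_key < FIELD_PRIME):
        raise ValueError("need 1 < m <= n and a key inside the field")
    coefficients = [private_key] + [secrets.randbelow(FIELD_PRIME) for _ in range(m - 1)]
    fragments = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coefficients):  # Horner evaluation of f(x) mod p
            y = (y * x + c) % FIELD_PRIME
        fragments.append((x, y))
    return fragments


def recover_key(fragments) -> int:
    """Rebuild the key from any m distinct fragments by Lagrange interpolation at x = 0.

    With fewer than m fragments this still returns a number, but not the key.
    """
    if len({x for x, _ in fragments}) != len(fragments):
        raise ValueError("duplicate fragment")
    secret = 0
    for i, (xi, yi) in enumerate(fragments):
        numerator, denominator = 1, 1
        for j, (xj, _) in enumerate(fragments):
            if i != j:
                numerator = numerator * (-xj) % FIELD_PRIME
                denominator = denominator * (xi - xj) % FIELD_PRIME
        secret = (secret + yi * numerator * pow(denominator, -1, FIELD_PRIME)) % FIELD_PRIME
    return secret


if __name__ == "__main__":
    key = secrets.randbelow(FIELD_PRIME - 1) + 1  # fresh random key, for the demo only
    fragments = split_key(key, 3, 5)              # a "3 of 5" private key
    print("recovered with 3 of 5:", recover_key(fragments[:3]) == key)
    print("recovered with 2 of 5:", recover_key(fragments[:2]) == key)
```

Each fragment is as long as the key itself, so the fragments, like the key, belong on paper or offline media in separate locations.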
Although you can obtain bitcoins by mining them, it is not easy (or free) to do so. [...] Bitcoin mining requires highly specialized computer hardware, cheap electricity, and a high degree of patience.
Broadly speaking, you can buy bitcoins in three main ways:
- The easy way: Through middleman companies
- The efficient way: Through currency exchanges
- The fun and futuristic way: Through person-to-person purchases
[...] exchanges are where most large Bitcoin purchases and sales happen. For this reason, exchanges usually offer the best prices for purchasing bitcoins.
At this time, the easiest way to buy bitcoins is through an established Bitcoin middleman, more accurately called a Bitcoin exchange intermediary. Exchange intermediaries consist of companies that have already registered their own accounts on one or more Bitcoin exchanges and will buy or sell bitcoins on your behalf.
Trade volume is [...] an important factor to consider when choosing an exchange. The larger the trade volume, the more likely you are to get a fair price for your bitcoins, and the more bitcoins you are able to buy and sell per day. [...] Large trade volume is also indicative of the trust in and security of the currency exchange.
Lost at Sea: A Cryptographic Adventure
Why Bitcoin is a Big Deal
The key factor distinguishing Bitcoin from its predecessors was that Bitcoin was not a company (or a product of a company) but merely a set of rules, a protocol, that dictated how digital transactions should be handled by a network of computers. Anybody could read the rules and follow them, but no individual could "own" or change them. Because Bitcoin had no central point of failure, it didn't need a government's permission to exist: There was no Bitcoin company to shut down or central organizer to incarcerate. Essentially, the Bitcoin protocol was just a clever use of mathematics to transmit value between people.
The network effect is the simple concept that people want to use a currency only if other people will accept it as payment. The more users a currency has, the more useful it is. This creates a natural barrier for the adoption of new currencies (and certainly has hindered the adoption of Bitcoin relative to traditional currencies in its first few years). Currently, Bitcoin has the largest adoption of any cryptocurrency, so newer ones would need to have easily distinguishable advantages over Bitcoin to overcome its network advantage.
The Cryptography Behind Bitcoin
One-way functions are mathematical functions that make it easy to calculate an output based on the input but difficult to do the reverse.
Cryptographic hash functions are one-way functions designed to take arbitrary data as input [...] and generate fixed-length output (e.g., a 128-bit or 256-bit number). The output is called a hash or hash value. Hash values can act like a fingerprint – a unique identifier – for files or texts. They are designed in a way that makes it extremely unlikely that any two non-identical inputs would output the same hash value (when this does happen, it is called a collision).
In public key cryptography (also known as asymmetric key cryptography), two different keys are created: a public key that is shared to encrypt the message and a private key that is confidential to decrypt the message [...]. With asymmetric key cryptography, communicating securely with anyone using an unsafe channel, like the radio or Internet, is easy: You share your public key with others who want to communicate with you, and then anyone can send you encrypted messages that only you can read using your private key. Because the public key cannot be used to decrypt messages, no danger occurs if it falls into the wrong hands. If others want you to send them encrypted messages, they give you their public key, and so on.
Bitcoin uses digital signatures to authorize transactions so that you, and only you, can spend the bitcoins you own.
A Bitcoin transaction contains a fair amount of information: the number of bitcoins transferred, the address they are being transferred to, the transaction fee, and so on. You don't want any of that information to be altered without your permission, so in addition to proving you own the bitcoins you are sending, you also need to ensure that the transaction details are followed exactly as you wrote them. A Bitcoin transaction is a message with instructions, and by signing it with a digital signature, you simultaneously prove that you have the private key and ensure that the transaction details are what you intended. If the signature is missing or doesn't match the public key, nodes on the Bitcoin network will consider the transaction invalid and will not add it to the blockchain.
Although it is thought to be computationally infeasible to calculate a private key from a public key, it is similarly difficult to calculate the input of a hash function given just the output, and it is doubly difficult to do both. Instead of sharing a public key, users share a Bitcoin address, which is a cryptographic hash of a public key. In fact, the public key is hashed twice using two different cryptographic hash functions to create a Bitcoin address.
Bitcoin uses elliptic curves to create digital signatures, specifically by using a protocol called the Elliptic Curve Digital Signature Algorithm (ECDSA).
Bitcoin involves a network of computers around the world that constantly broadcast and relay new transactions to each other. Each computer on this network is a node. Because of Bitcoin's decentralized nature, some nodes can appear or disappear at random times without impacting the network as a whole. No special central nodes exist.
Nodes can be grouped into three categories: those that only broadcast transactions; those that broadcast and relay transactions; and those that broadcast, relay, and create new blocks with transactions. Each type of node requires substantially more computational resources than the previous type. The last of the three includes Bitcoin-mining nodes and requires the heftiest computers.
When a Bitcoin node is launched (i.e., when you launch Bitcoin software on your computer), it connects to other nodes through the Internet to form a somewhat haphazard (but also robust) mesh network. A mesh network has no central nodes that manage traffic. Instead, all nodes equally share the responsibility of propagating information across the network.
Although all mining nodes collect transactions and organize them into blocks, only one of the nodes (the lucky one) adds its block to the blockchain. The fortunate miner then collects the mining reward, which is the sum of the block reward (the newly minted bitcoins in each block) and all the transaction fees for the added block. Nodes that relay transactions and those miners who didn't add a block do not receive any bitcoins from transaction fees or otherwise.
Once the lucky miner is selected, the new block is broadcast to the rest of the network, and all of the other mining nodes stop working on their old block and start working on a new one.
Bitcoin mining requires a great deal of computational power, but what do miners calculate? They repeatedly calculate the double SHA256 hash of slight variations of certain information, called the block header, in their new block. When a block of transactions is created, the block header contains a summary of information about the block, including the time it was created, a hash of the transactions within the block, and other data [...]. Importantly, in the block header is a field for an arbitrary number called a nonce, which the miner chooses. In fact, it is the only part of the block that is under the full control of the miner.
A solved block (i.e., a block that will be accepted by others as part of the blockchain and the one the miner is paid for) occurs when the double SHA256 hash of the block header results in a number that is less than some predetermined threshold, known as the difficulty target. If the result is greater than the target, the block remains unsolved. When this happens, the miner must try a different nonce, which is contained in the header and hence affects the hash.
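The header hashing loop the two paragraphs above describe, as an added example for this summary (not code from the book): an 80-byte header is serialized, double-SHA256 hashed, and the nonce is incremented until the hash is under the target expanded from the header's compact "bits" field. All header field values are constructed sample data, and the target is set far easier than the real network's so the search finishes quickly.

```python
import hashlib
import struct


def double_sha256(data: bytes) -> bytes:
    """SHA256 applied twice, the hash miners compute over the block header."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def bits_to_target(bits: int) -> int:
    """Expand the compact 'bits' header field into the 256-bit difficulty target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def serialize_header(version, prev_block_hash, merkle_root, timestamp, bits, nonce) -> bytes:
    """Lay out the 80-byte header: little-endian integers, hashes stored byte-reversed."""
    return (struct.pack("<I", version)
            + prev_block_hash[::-1]
            + merkle_root[::-1]
            + struct.pack("<III", timestamp, bits, nonce))


def header_hash_as_int(header: bytes) -> int:
    # Bitcoin compares the digest as a little-endian 256-bit integer.
    return int.from_bytes(double_sha256(header), "little")


def is_solved(header: bytes, bits: int) -> bool:
    # Bitcoin Core accepts hash <= target; the book's "less than" describes the same test.
    return header_hash_as_int(header) <= bits_to_target(bits)


def mine(version, prev_block_hash, merkle_root, timestamp, bits, max_nonce=2**32):
    """Try nonces in order until the header hash falls under the target.

    Returns (nonce, header) for the first solution, or None if the nonce space is exhausted.
    """
    target = bits_to_target(bits)
    for nonce in range(max_nonce):
        header = serialize_header(version, prev_block_hash, merkle_root, timestamp, bits, nonce)
        if header_hash_as_int(header) <= target:
            return nonce, header
    return None


# Constructed sample values (not a real block). 0x1f00ffff is a deliberately easy target:
# roughly 1 in 65,536 headers qualifies, so the search finishes in well under a second.
DEMO_VERSION = 2
DEMO_PREV_HASH = double_sha256(b"constructed previous block")
DEMO_MERKLE_ROOT = double_sha256(b"constructed merkle root")
DEMO_TIME = 1415000000
DEMO_BITS = 0x1F00FFFF

if __name__ == "__main__":
    nonce, header = mine(DEMO_VERSION, DEMO_PREV_HASH, DEMO_MERKLE_ROOT, DEMO_TIME, DEMO_BITS)
    print("nonce:     ", nonce)
    print("block hash:", double_sha256(header)[::-1].hex())
    print("target:    ", f"{bits_to_target(DEMO_BITS):064x}")
```

Changing any header field, including the nonce, changes the whole hash, which is why a miner that loses the race discards its block and restarts on top of the winner's.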
A mining pool is a collection of miners who combine computational resources and then split the block reward. From the network's perspective, a mining pool is a single mining node, but hundreds or perhaps thousands of individual miners are calculating hashes within that node.
Bitcoin mining can only be profitable for those with the most efficient hardware, in terms of energy and capital efficiency, and cheapest electrical power.
Understanding the Different Types of Bitcoin Wallets
At a minimum, a Bitcoin wallet program needs to let a user send and receive bitcoins, as well as keep track of how many bitcoins are available to spend. In other words, a Bitcoin wallet program must be able to (1) create and broadcast transactions to the Bitcoin network, (2) generate new Bitcoin addresses, and (3) scan the blockchain to detect whether you've received any bitcoins at those addresses.
Bitcoin wallet programs need private keys in order to sign transactions before they can be broadcast to the Bitcoin network. In the simplest design, these private keys are found in the user's Bitcoin wallet, which is stored locally on the user's device in a wallet.dat file. [...] However, this design is vulnerable to attackers, who could attempt to remotely access the device over the Internet, copy the wallet file, and try to extract the private keys. A more secure design involves splitting the Bitcoin wallet and the software that manages it into two components: one with the private keys and the other without. The component with the private keys is usually stored in a highly secure location and is used for transaction signing. The component without the private keys can be stored anywhere, possibly in many locations at once, and is called a watch-only wallet.
The original Bitcoin wallet program assumed that users would never reuse an address after spending bitcoins from it. Every time a user wanted to spend bitcoins, a certain amount would go to the intended recipient, but the rest would be moved to a new, randomly generated Bitcoin address called the change address. This approach helps protect the privacy of the user, because it is more difficult for an external observer to track an individual's bitcoins if the person continually changes addresses. It's not possible to distinguish the transfer of bitcoins to a change address from the transfer of bitcoins from one person to another.
[...] some Bitcoin wallet programs provide only a single address that is continuously reused. These single key generation wallet programs allow you to generate additional addresses manually, but the default behavior is to reuse existing addresses.
Among the Bitcoin wallet programs that constantly generate new addresses, differences in implementation exist. [...] To generate a collection of private key/Bitcoin address pairs, many programs use correspondingly as many random numbers. This is known as random key generation. Every time a user needs a new Bitcoin address, a new random number is used as the private key. The drawback to this approach is that backups need to be updated regularly – essentially, every time a new address is created. [...] An alternative approach is deterministic key generation. With this approach, only the first private key is a randomly chosen 256-bit integer, which is known as the master private key, and it has a corresponding master public key. Whenever the user needs a new Bitcoin address, a new private key is chosen that is related to the master private key by a simple mathematical relationship (no randomness is involved). [...] The advantage of this approach is that a single backup, created when a user first creates a new Bitcoin wallet, is sufficient and never needs to be updated.
Full payment verification wallets, also called thick or heavyweight wallets, require a complete copy of the blockchain. They can verify that bitcoins used in a transaction originated from a mined block by scanning backward, transaction by transaction, in the blockchain until their origin is found (and the wallets can check whether those bitcoins were ever double spent). [...] One problem with full payment verification wallets is that they are very resource-intensive and take a long time to initialize.
SPV [Simplified payment verification] wallets, also called thin or lightweight wallets, cannot check whether transactions are valid; rather, they can check whether full nodes, specifically miners, have validated them. The goal of a thin wallet is to check that a transaction has been verified by miners and included in some block in the blockchain.