Bitcoin: A Peer-to-Peer Electronic Cash System
This post contains a brief summary of the original paper by Satoshi Nakamoto titled, Bitcoin: A Peer-to-Peer Electronic Cash System
I have managed to read the original paper by Satoshi Nakamoto after almost 14 years of its publication date. In the last 6 to 7 years, the crypto space has exploded with all its booms and busts. We are currently witnessing a bear market now. It was TP, who had initially asked to read this paper around 2017 and it is only now that I have realized that it is high time I read this paper and understand the details. Here are the main points from each of the sections
Introduction
The world is driven by massive intermediaries who take a disproportional cut out of all transactions, for playing the role of trust ensurer. Completely non-reversible transactions are not really possible as intermediaries cannot avoid mediating disputes. The need of the hour is a payment system that is based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. The paper proposes a system that takes care of double-spending problem using peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions.
Transactions
One can think of digital coin as a chain of digital signatures. The way to transfer the coin is to digitally sign a hash of the previous transaction and the public key of the next owner and adding these to the end of coin, of the next owner. In order to avoid the double spending problem, the payment network must be aware of all the transactions.
Timestamp Server
This is an idea that has its roots from Haber and Stornetta ( 1990s), who published the timestamping documents to create a digital notary service. The key ideas is to take a block of transactions, hash them along with the previous hash of transactions and make the new hash available to all the nodes
Proof of Work
This is the effort that any one has to spend so that the transactions are recognized by the network. This involves incurring a certain CPU power so that double spending problem is taken care of. However this is possible only if the computational power of honest nodes exceeds that of attacker nodes
Network
The steps to run network are
- New transactions are broadcast to all nodes
- Each node collects new transactions in to a block
- Each node works on finding a difficult proof-of-work to all nodes
- Nodes accept the block only if all transactions in it are valid and not already spent
- Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash
Incentive
The incentives for a miner are taken care of by issuing new bitcoins as well as receiving a fee for creating the block
Reclaiming Disk Space
Use of Merkle tree ensures that one need not store the entire history of blockchain transactions
Simplified Payment Verification
All one needs is the block headers to quickly verify the longest proof-of-work chain.
Combining and Splitting Value
This is the BLOCK part in the block chain where individual transactions are chunked and published to the network as a block
Privacy
By using public key that is a cryptographic key, one can achieve the best possible anonymity of a transaction on the network
Calculations
This section uses Gambler’s ruin setting to show that an attacker’s odd of messing the network goes down exponentially based on how far behind his transaction is, on the blocks being formed on the network. One can use a simple recursive equation to find the probability of attacker catching up. Subsequently one can bake in a poisson distribution for the blocks being formed and then compute the probability for various scenarios of attacker catching up
Conclusion
Coins made from digital signatures have a problem of double spending. To solve this, the paper proposes a peer-to-peer network using proof-of-work to record a public history of transactions that quickly becomes computationally impractical for an attacker to change if honest nodes control a majority of CPU power. Nodes can leave and rejoin the network at will, accepting the proof-of-work chain as proof of what happened while they were gone. They vote with their CPU power, expressing their acceptance of valid blocks by working on extending them and rejecting invalid blocks by refusing to work on them.
What did I learn from this paper ?
The fact that Nakomoto put this system to test instead of merely publishing a theoretical paper is crucially important. There were many academics that played with all the ideas that are mentioned in the paper but I guess the genius lies in putting these disparate ideas together, create a system and test the system out in the wild; that requires taking risk and it paid off handsomely.