Where does the bitcoin story begin?
To an extent, all beginnings are arbitrary. We then build the narrative to justify our starting point. But the selection of the posting – publication is too grand a word for it – on 31st October 2008, of Satoshi Nakamoto’s paper, Bitcoin: A Peer-to-Peer Electronic Cash System, seems, on the face of it at least, a less arbitrary opening than most. So let’s start there.
And ignoring, for the moment, the announcement of and response to the posting – muted both – let’s go straight to the paper itself. It is there we will find the richest clues to the design and aims of the bitcoin technology, starting with the abstract, which is worth quoting in full.
“A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending. We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work. The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they’ll generate the longest chain and outpace attackers. The network itself requires minimal structure. Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone.”
Taken in full, the above paragraph provides a summary of the blockchain technology underpinning the bitcoin system – concise, clear, and on-point – that has yet to be bettered.
The central aim of bitcoin is stated baldly in the first sentence ‘without going through a financial institution’. This will be money transfer, payments, purchases, exchanges, without a bank, achieved by using a peer-to-peer network, a network without servers, an amorphous community of equals.
The language is simple and direct, unfussy, uncluttered, but the construction ‘would allow’ hints at the anticipated unshackling, and the adverbs ‘purely’ and ‘directly’ tremble with the hint of the cleansing to come.
The second sentence goes straight to the first element of the bitcoin strategy: digital signatures. An appreciation of how bitcoin works, and hence what its capabilities and limitations are, requires that you understand – at least a little bit – how digital signatures work. You don’t need to get your head round the underlying math of this cryptographic technique – how many of us could? – but you need to at least be able to black-box it: what goes in and what comes out? The second sentence also signals that digital signatures are only part of the answer. We still have the ‘double-spend’ problem to contend with, whatever that is.
By the fourth sentence we’re into the real meat of the technical issues. Timestamps, I think we can all get, but ‘an ongoing chain of hash-based proof-of-work’? What is that?
OK, maybe we don’t totally understand yet what’s going on, but it is quivering to life.
Sentences five and six:
“The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they’ll generate the longest chain and outpace attackers.”
It trembles with drama. Those aggressive epithets – ‘longest chain’ ‘CPU power’, both of which are repeated, like drumbeats. And those verbs! – ‘witnessed’ – how deliciously biblical – ‘controlled’ ‘attack’ ‘generate’ ‘outpace’.
‘The network itself requires minimal structure.’ Yes, we’re moving fast, like light cavalry.
“Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone.” ‘…leave and rejoin… at will…’ Oh, the freedom! The lightness! The joy!
If you go to a site like Blockchain.info you can watch the transactions ticking over, as they happen, second by second, scrolling and flickering – amounts, addresses, timings – you can see the latest blocks, in their slower pace, get added to the chain. You can feel the pulse of the blockchain.
Back to Nakamoto’s paper, and now comes the Introduction, the first of the twelve short sections of this three-and-a-half-thousand-word document.
“Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments.”
And who can fail to feel the clammy hand of the gatekeeper on their shoulder, the regulations, the barriers, the delays, the charges, the percentages, the mysterious days-long journeys of our money-digits across the speed-of-light Internet, and their arrival, depleted, at the other end.
“While the system works well enough for most transactions,…” – that feels grudging – “…it still suffers from the inherent weakness of the trust based model.” And there follows a catalog of the drawbacks of this model: cost, reversibility and the potential for fraud, and then a fuller statement of the proposed solution.
Before we proceed to the second section, Transactions, where the mechanics of the solution begin to be presented, we need to look more closely at a couple of technical matters: digital signatures and hashes.
As I said, beginnings are arbitrary, and sometimes – often – we have to go backwards to make sense of what lies before us. The references at the end of Nakamoto’s genesis document point us in the right direction. Of the eight citations, five are from the 1990s, one from 1980 and one from 2002. The single remaining reference is an introduction to probability math from 1957. So many of the techniques that Nakamoto would be using in his design were a decade or more old. They were known technologies. It was the construction, the deployment, that was new.
H. Massias, X.S. Avila, and J.-J. Quisquater, “Design of a secure timestamping service with minimal trust requirements,” In 20th Symposium on Information Theory in the Benelux, May 1999.
S. Haber, W.S. Stornetta, “How to time-stamp a digital document,” In Journal of Cryptology, vol 3, no 2, pages 99-111, 1991.
D. Bayer, S. Haber, W.S. Stornetta, “Improving the efficiency and reliability of digital time-stamping,” In Sequences II: Methods in Communication, Security and Computer Science, pages 329-334, 1993.
S. Haber, W.S. Stornetta, “Secure names for bit-strings,” In Proceedings of the 4th ACM Conference on Computer and Communications Security, pages 28-35, April 1997.
A. Back, “Hashcash – a denial of service counter-measure,” http://www.hashcash.org/papers/hashcash.pdf, 2002.
R.C. Merkle, “Protocols for public key cryptosystems,” In Proc. 1980 Symposium on Security and Privacy, IEEE Computer Society, pages 122-133, April 1980.
W. Feller, “An introduction to probability theory and its applications,” 1957.
Transactions are central.
The transaction is the core element, the atomic unit, of the bitcoin/blockchain database. In fact – and it’s important to be clear on this – bitcoins or satoshis, the units of currency, don’t exist as separate entities. They only exist by implication. The bitcoins you own are the total of all the unspent transaction outputs that have been assigned to addresses you have the private keys for.
Bitcoins come into existence as the output of a coinbase transaction. A coinbase transaction is the special transaction that a miner adds to each block, which is the miner’s payment for mining that block.
Bitcoins, and fractions of bitcoins, move through the system, from bitcoin address to bitcoin address, as transaction outputs.
A block is simply a collection of transactions, packaged up for convenience. So, both bitcoins and blocks are secondary to transactions.
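The model just described, as an added example that is not taken from Nakamoto’s paper or from the Bitcoin code base: a toy ledger in which a balance is nothing more than the sum of unspent outputs, and a second spend of the same output is refused. Signature checks and the limit on the coinbase amount are left out, and the `Ledger` class, the txids and the addresses are invented for illustration.

```python
from dataclasses import dataclass

COIN = 100_000_000  # satoshis per bitcoin

@dataclass(frozen=True)
class TxOut:
    address: str
    amount: int  # in satoshis

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple   # (txid, index) references to earlier outputs; empty for a coinbase
    outputs: tuple  # TxOut entries this transaction creates

class Ledger:
    """Hypothetical toy ledger: the only state is the set of unspent outputs."""
    def __init__(self):
        self.utxos = {}  # (txid, index) -> TxOut

    def apply(self, tx):
        refs = list(tx.inputs)
        # Every input must name an output that exists and has not been spent yet.
        if len(set(refs)) != len(refs) or any(r not in self.utxos for r in refs):
            raise ValueError("input missing or already spent")
        spent = sum(self.utxos[r].amount for r in refs)
        created = sum(o.amount for o in tx.outputs)
        if refs and created > spent:  # only a coinbase may create new value
            raise ValueError("outputs exceed inputs")
        for r in refs:
            del self.utxos[r]  # consumed outputs leave the unspent set
        for i, out in enumerate(tx.outputs):
            self.utxos[(tx.txid, i)] = out

    def balance(self, addresses):
        # "The bitcoins you own": unspent outputs assigned to your addresses.
        return sum(o.amount for o in self.utxos.values() if o.address in addresses)

def demo():
    ledger = Ledger()
    # Constructed block: a coinbase pays the miner, who pays alice and keeps the change.
    block = [
        Tx("cb0", (), (TxOut("miner", 50 * COIN),)),
        Tx("t1", (("cb0", 0),), (TxOut("alice", 20 * COIN), TxOut("miner", 30 * COIN))),
    ]
    for tx in block:
        ledger.apply(tx)
    try:  # a second spend of the same coinbase output must be refused
        ledger.apply(Tx("t2", (("cb0", 0),), (TxOut("bob", 50 * COIN),)))
        rejected = False
    except ValueError:
        rejected = True
    return ledger.balance({"miner"}), ledger.balance({"alice"}), rejected
```
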
Over the course of November 2008, in response to comments about the original paper, Nakamoto sent a number of emails, which made clearer his political thinking and expanded on a number of technical details.
In reaction to the assertion, “You will not find a solution to political problems in cryptography,” Nakamoto replies, “Yes, but we can win a major battle in the arms race and gain new territory of freedom for several years.”
And on the future development of the network…
“It’s based on open market competition, and there will probably always be nodes willing to process transactions for free.”
I love the ‘probably’.
The story continues. But we have made a beginning.