Bitcoin is a consensus network that enables a new payment system and a completely digital currency and is the first decentralized peer-to-peer payment network that is powered by its users with no central authority or middlemen. From a user perspective, Bitcoin is pretty much like cash for the Internet it can also be seen as the most prominent triple entry bookkeeping system in existence
Triple entry bookkeeping is an accounting system that involves a three parties, the sender of the transaction, the receiver of the transaction and one party that oversees the transaction. Each party has a copy of the transaction which makes for the triple entry.
The triple entry transaction may be considered more secure that the traditional double entry book keeping system as a the double entry system requires a single party to verify the presence of a transaction and ensure that the transaction receipt is valid and not tampered with. A triple entry system bypasses this step by providing every party involved in the transaction with a copy of the receipt and each party then has the incentive to police and preserve it.
A bitcoin transaction follows the following process; the recipient of the transaction provides the sender with their public key and payment instructions. A third party, oversees the transaction by packaging the payment request and creating a receipt. The receipt is signed by multiple parties, including the independent third party which creates a reliable and secure audit trail.
In the bitcoin system, a transaction is comprised of a transaction message which includes details on the parties involved in the transaction as well as a unique digital signature which prevents the transaction from digital forgery.
The digital signature is generated by using a user’s private key and transaction message as inputs. A public key is referenced in the transaction and is publicly accessible across the network. A public key is generated using a SHA-2 algorithm which is dependent on the transaction message and the digital signature.
If any other party wanted to verify the authenticity of the sender, they could do so by checking whether the digital signature and transaction message correspond the sender’s public key. In this way, a user never has to reveal their private key which would compromise security and privacy. Since the public key is also dependent on the transaction message, tampering with the message would invalidate the signature.
As opposed to most financial databases, the block chain does not keep a record of all account balances. Each transaction is linked to a previous transactions, , In order to send 5 inputs, the sender needs to prove that at some point that he/she received the equivalent of 5 inputs though one or more transactions.
Each input must be used up completely, the remainder or “change” is sent back to the sender, by the system, as a separate transaction. An invalid transaction further back in the chain would render each preceding transaction invalid. In order to verify that all the transactions in the block chain are valid, bitcoins’ e-wallet software downloads, extracts and verifies every transaction ever made right up to the first bitcoin transaction.
The transaction chain represents the passing of ownership of an input. Each input is dependent on previous inputs, and once one input is used, it cannot be used again.
The block chain is a distributed database of cryptographically sealed transactions and is the backbone behind the bit coin currency. The block chain provides a tamper-proof, shared public ledger, available to all parties in the block chain network.
Since the block chain is a distributed database, users need some consent on the order in which transactions occur. New blocks are broadcasted node by node and the sequence that you received a block may not represent the actual sequence of events. Consider the following situation:
- Party A wished to fraud party B so Party A sends (x) input for a product.
- Party B receives receipt of input (x), packages the product and sends it.
- Party A then sends another input (y) which is references the same input (x) back to herself.
- Party C who is a miner and because of propagation times, receives transaction (y) before transaction (x).
- In turn Party C renders transaction (x) invalid since it is referencing an already used input.
This is called the double spending fraud, to understand how double spending is prevented, we must look closer at how the block chain works.
Miners & Blocks
A block is a bundle of transactions with a reference to the previous block in the chain. The order in which the transactions happened is determined by the order of the blocks. All the transactions in one block occur at the same time and all other transactions are classified as unconfirmed.
The block chain is created by miners, who are inter-connected users with software running on their systems that allows them to create a block and add it to the block chain. Each block is cryptographically signed added to the block chain and the miner that generated the block gets a reward, but only after 99 other transactions have been added to the chain, this provides a shared incentive for miners to participate in the system.
Block Chain vs Transaction Chain
The purpose of the blockchain is to order the blocks in a manner that provides consensus on the time that all transactions occurred across the system. Blocks are ordered sequentially and each block references the block before it. Transactions that are enclosed in a block are said to have happened at the same time.
The blockchain differs from the transaction chain as it used to order transactions whereas the transaction chain keeps track on how the ownership of inputs changes. Any miner can collect a bundle of transactions, create a block and broadcast it as a potential entry for the next block in the block chain. Several options for the next block may exist at any given time and the system needs to decide which one to pick. The solution to this problem forms an integral part of the block chain operates.
Proof of work
Every block in the block chain contains the solution to a cryptographic hash function, also refereed to as the proof of work. In order to solve the solution each computer runs the contents of the block and a random guess through a cryptographic hash. A hash function creates text of a predetermined length from an input of any arbitrary length, in addition the output is completely unique and a small change in the input causes a very large change in the output.
Input: The quick brown fox jumps over the lazy dog Output:
Input: The quick brown fox jumps over the lazy dog. (period included) Output:
In order to find the solution to the hash function, each miner must make random guesses until the output of the hash function meets a certain criteria. Once a miner finds the solution, the new block is added to their local block chain and the new chain is broadcasted across the network. If another miner receives a new block that is longer than their local chain they must stop attempting to create a new block, and update their local copy of the block chain with the longer chain.
The solution to the hash function is used to uniquely reference the previous block in the block chain. Therefore the only way for a fraudster to double spend would be to present a longer block chain, once the merchant has sent their products/ services. In this case a fraudster would have to have computing power equal to half the entire network in order to have a 50% chance of solving a block, and even more power in order to solve two or more consecutive blocks. The solution to the hash function is also sometimes referred to as proof of work as it guarantees that the power of the entire network was brought to bear. The small probability that the same user may be able to solve two or more blocks consecutively effectively protects’ the system from a double spend attack.
The hash function is configured so that one block is generated every ten or so minutes. The randomness in the math problem minimizes the risk that that two people will solve it at the same time. However sometimes two or more miners find the solution at the same time leading to several branches of the block chain. In this case, when the next block is solved all miners must again switch to the longest branch available. The end result of this process is that the chain stabilizes and all the miners are in agreement about the order of blocks a few back from the end of the chain.
The ambiguity of the order of the latest blocks has an implication on security, as a general rule transaction’s further back in the chain are considered more secure. In recent news, a blockchain startup company R3CEV recently completed testing a blockchain based system which may be used by 42 major financial institutions including Barclays, HSBC and Credit Suisse. The distributed ledger was based on the public Ethereum network hosted on a private network hosted on Microsoft Azure. Results from the test seemed to have a positive overall outcome, hinting that the use of blockchain technology in major financial markets may become more and more evident in the near future.
- Brezo,F; Pablo, A. (2012). Issues and Risks Associated with Cryptocurrencies such as Bitcoin. The Second International Conference on Social Eco-Informatics. 24 (1), 20-28.
- Eyal, I. (2015). Bitcoin-NG: A Scalable Blockchain Protocol. Cryptography and Security. 1 (1), 1-8.
- Goodard, W & Melville, Stuart (2007). Research Methodology an Introduction. 2nd ed. Cape Town: Juta. p1-24
- Higgins,S. (2016). R3 Completes Blockchain Test With 11 Banks. Available: http://www.coindesk.com/r3cev-blockchain-test-11-banks/. Last accessed 2/7/2016.
- Hobson, D. (2013). What is bitcoin. XRDS. DOI: 10.1145/2510124 (1), 42-44.
- Zyskind, G; Nathan, O; Pentland A. (2015). Decentralizing Privacy: Using Blockchain to Protect Personal Data. Security and Privacy Workshops (SPW), 2015 IEEE. 10.1109 (1), 180 - 184.