pk.org: Computer Security/Lecture Notes

Bitcoin - Study Guide

Paul Krzyzanowski – October 9, 2025

Cryptographic Foundations

Bitcoin’s trust model depends on cryptographic hash functions and authenticated data structures.
A hash function such as SHA-256 converts any input into a fixed-length digest that changes unpredictably when even one bit of input changes.
Hashing enables Bitcoin to verify data integrity, detect tampering, and provide compact digital fingerprints.

A hash pointer is a pointer that also stores a hash of the referenced data.
If the data changes, the hash no longer matches, revealing tampering.
Hash pointers are used in systems such as Git, where each commit points to the hash of its parent commit.
A change in any file causes the commit hash to change, and this change propagates through history.

The blockchain uses the same idea. Each block includes the hash of the previous block’s header.
If an attacker modifies one block, every later block becomes invalid because the hashes no longer align.

A Merkle tree organizes data into a binary tree of hashes.
Each internal node stores the hash of its two children, and the root hash commits to all the data below it.
Merkle trees make it possible to verify that a transaction or file is included in a dataset without retrieving everything.
They are used in many systems besides Bitcoin.
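The following is an added example, not part of the original notes: a Bitcoin-style Merkle tree (double SHA-256, last node duplicated on odd-length levels) with an inclusion proof that a light client can check from the leaf, the sibling hashes, and the root alone. The five transaction ids are constructed sample data.

```python
import hashlib

def dsha256(data: bytes) -> bytes:
    """Bitcoin hashes with SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def _next_level(level: list[bytes]) -> list[bytes]:
    """Pair up nodes; Bitcoin duplicates the last node when a level has an odd count."""
    if len(level) % 2 == 1:
        level = level + [level[-1]]
    return [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(leaves: list[bytes]) -> bytes:
    level = list(leaves)
    while len(level) > 1:
        level = _next_level(level)
    return level[0]

def merkle_proof(leaves: list[bytes], index: int) -> list[tuple[bytes, str]]:
    """Sibling hashes on the path from leaf `index` to the root; 'L'/'R' is the sibling's side."""
    proof, level = [], list(leaves)
    while len(level) > 1:
        if len(level) % 2 == 1:
            level = level + [level[-1]]
        sib = index ^ 1
        proof.append((level[sib], "L" if sib < index else "R"))
        level, index = _next_level(level), index // 2
    return proof

def verify_proof(leaf: bytes, proof: list[tuple[bytes, str]], root: bytes) -> bool:
    """Needs only the leaf, about log2(n) sibling hashes, and the root from the block header."""
    h = leaf
    for sibling, side in proof:
        h = dsha256(sibling + h) if side == "L" else dsha256(h + sibling)
    return h == root

# Constructed sample: five transaction ids, so the tree has an odd-length level.
TXS = [f"tx{i}".encode() for i in range(5)]
LEAVES = [dsha256(t) for t in TXS]
ROOT = merkle_root(LEAVES)
```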

The Ledger: Transactions vs. Accounts

Banking systems maintain account balances that change as money moves between accounts.
Bitcoin takes a different approach. It does not track balances but records every transaction ever made.
The current state of the system is the set of unspent transaction outputs (UTXOs).

Each Bitcoin transaction consumes prior outputs as inputs and creates new outputs that represent new ownership records.

Example:

This model ensures that each output can be spent only once and that a transaction cannot create more value than it consumes.

All values are expressed in satoshis, the smallest Bitcoin unit, where 1 BTC equals 100,000,000 satoshis.
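An added example, not from the original notes, of the UTXO bookkeeping described above: a transaction is validated against the set of unspent outputs, its inputs are consumed whole, new outputs (including change) are created, and the shortfall between inputs and outputs is the fee. Signature checking is left out; the names alice, bob and coinbase0 are constructed.

```python
import hashlib
from dataclasses import dataclass

SATOSHI_PER_BTC = 100_000_000

@dataclass(frozen=True)
class Outpoint:        # reference to an output of an earlier transaction
    txid: str
    index: int

@dataclass(frozen=True)
class Output:
    address: str       # who may spend this output
    value: int         # amount in satoshis

@dataclass
class Tx:
    inputs: list[Outpoint]
    outputs: list[Output]

    def txid(self) -> str:
        return hashlib.sha256((repr(self.inputs) + repr(self.outputs)).encode()).hexdigest()

def apply_tx(utxos: dict[Outpoint, Output], tx: Tx) -> int:
    """Validate tx against the UTXO set, update the set, and return the fee in satoshis."""
    if len(set(tx.inputs)) != len(tx.inputs):
        raise ValueError("an input is referenced twice")
    for inp in tx.inputs:           # every input must be an existing, unspent output
        if inp not in utxos:
            raise ValueError(f"{inp} does not exist or was already spent")
    total_in = sum(utxos[i].value for i in tx.inputs)
    total_out = sum(o.value for o in tx.outputs)
    if any(o.value < 0 for o in tx.outputs) or total_out > total_in:
        raise ValueError("outputs exceed inputs")
    for inp in tx.inputs:           # inputs are consumed whole ...
        del utxos[inp]
    for n, out in enumerate(tx.outputs):   # ... and replaced by new spendable outputs
        utxos[Outpoint(tx.txid(), n)] = out
    return total_in - total_out     # value not claimed by any output is the miner's fee

def demo() -> tuple[dict, Tx, int]:
    # Constructed scenario: alice owns one 1 BTC output and pays bob 0.3 BTC.
    utxos = {Outpoint("coinbase0", 0): Output("alice", 1 * SATOSHI_PER_BTC)}
    pay = Tx(inputs=[Outpoint("coinbase0", 0)],
             outputs=[Output("bob", 30_000_000),
                      Output("alice", 69_990_000)])   # change output back to the sender
    fee = apply_tx(utxos, pay)
    return utxos, pay, fee
```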

Keys and Addresses

Ownership and authorization in Bitcoin rely on public-key cryptography.
Each user generates a key pair: a private key, kept secret and used to sign transactions, and a public key that others use to verify those signatures.

There are no usernames or real-world identities on the blockchain.
A user proves ownership simply by producing a valid digital signature with the correct private key.

Bitcoin uses addresses as compact, safer representations of public keys.
Addresses are derived from public keys by hashing them with SHA-256 and then RIPEMD-160, adding a checksum, and encoding the result in a readable alphabet.
They are used in transaction outputs to specify who can spend a given output.

When a recipient later spends funds, they reveal their public key and signature, allowing others to verify that it matches the address in the earlier transaction.
This system keeps participants pseudonymous while ensuring that only authorized users can spend funds.

Transactions

A Bitcoin transaction contains inputs and outputs. Inputs identify where the bitcoin comes from, and outputs identify to whom it is being transferred.
Each input references an earlier transaction output and provides a digital signature and public key as proof of ownership.
Outputs specify the recipient’s address and amount.

Every input must be completely spent, so transactions often include a change output that returns excess funds to the sender.
The small difference between total inputs and outputs becomes the transaction fee, which goes to the miner who includes the transaction in a block.

When a transaction is created, it is broadcast to nearby Bitcoin nodes and propagated across the network within seconds.
Nodes independently verify each transaction by checking signatures, ensuring that referenced outputs exist and have not been spent, and validating the total value.
Once validated, transactions wait in a pool until included in a block.

Blocks and Linking

Transactions are grouped into blocks to simplify verification and synchronization.
A block bundles many transactions and links to the previous block, forming a continuous chain.

Each block has two main parts: a header, which holds the hash of the previous block's header, the Merkle root of the block's transactions, and the nonce, and the list of transactions themselves.

Changing any transaction alters its hash, which changes the Merkle root, the block hash, and every later block’s reference.
Because each block depends on the one before it, the blockchain acts as an append-only, tamper-evident ledger.

Proof of Work and Consensus

Bitcoin uses Proof of Work (PoW) to determine which miner can publish the next block.
Miners repeatedly adjust a nonce in the block header until the SHA-256 hash of the header is less than a target value.
This process is computationally expensive but easy to verify.
The network automatically adjusts the difficulty every 2016 blocks to maintain an average 10-minute block interval.

Over time, Bitcoin mining evolved from CPUs to GPUs, to FPGAs, and then to custom ASICs built solely for hashing.
Because finding a valid hash is random, miners often join mining pools to share rewards.
Winning the Proof of Work is similar to winning a lottery, where the chance of success depends on computational power.

Nodes always follow the longest valid chain, meaning the chain with the greatest cumulative proof of work.
An attacker would need to redo the proof of work for multiple blocks and outpace the global network to rewrite history.
Such an event, known as a 51% attack, is theoretically possible but prohibitively expensive.

Mining and Consensus Details

Bitcoin nodes play different roles. Some, known as miners, gather valid transactions into blocks and compete to append them to the blockchain.
Full nodes verify all transactions and blocks but do not perform mining.

Mining has evolved through several generations of hardware, from CPUs to GPUs, to FPGAs, and finally to custom ASICs built solely for hashing.

Because mining is probabilistic, miners often join mining pools to share both the work and rewards.
Finding a valid block hash is like winning a lottery: success depends on chance, but probability increases with total computational power.

A miner who controlled over half of the network’s total computing power could, in theory, execute a 51% attack—rewriting recent history or excluding transactions.
However, the cost and scale required make such an attack practically infeasible in the global Bitcoin network.

System Overview

Bitcoin’s architecture combines four reinforcing layers:

Layer            Purpose
Cryptography     Provides data integrity and authorization using hashes and signatures.
Data structures  Blockchain and Merkle trees maintain authenticated, tamper-evident storage.
Consensus        Proof of Work coordinates the network without central authority.
Economics        Block rewards and transaction fees motivate miners to act honestly.

Together, these layers allow strangers to agree on a single version of history without a trusted intermediary.
Bitcoin’s design shows how cryptography, distributed computing, and incentives can replace institutional trust with mathematical verification.