Bitcoin? How does that work. They're like coins, but they're made of bits! Many people have rambled on how bitcoins may or may not change the world. I'm not here to talk about that (not much anyway). I'm going to talk about the details of how the math works. Mmmm, sweet, sweet details. We're going for a ride into the world of cryptography.
Everyone knows that Satoshi Nakamoto created bitcoin. Everyone also knows that every Tuesday he eats dinner at his favorite restaurant in [redacted] if you ever want to have a chat with him. Anyway, it's a little known fact that he made a bit of side cash from selling rare paper napkins on his website a few years ago. He woke up one morning and put up a vintage 1946 McDonalds Christmas edition for sale. Of course, it sold for thousands of dollars almost instantly. He carefully packaged up his napkin and shipped it off as quickly as possible (as all good sellers do). What happened next was a complete shock. The customer reported the transaction as fraud and the bank gave them their money back -- a chargeback! After a few phone calls, it appears that the bank agrees with the customer because they don't believe that someone is trading napkins for thousands of dollars (I know, how crazy is that). Satoshi lost his precious napkin and thousands of dollars because the trust relationship between his customer and the banks involved in the transaction failed.
So, after work one day, Satoshi then set out on a quest (yeah, Satoshi does quest stuff) to create a system where a trust relationship like this can't fail. Once someone sends money, it should be sent for good -- no more chargebacks that depend on a complicated system of failure-prone trust relationships. A quick search on the Internets led Satoshi to the wonderful world of cryptography. Rather than pay people with money based on human trust, we should be able to pay people with money based on really long numbers with special properties that are nearly impossible to forge.
But then he thought, how is this any different from printing paper money? A mint would generate these really large random numbers and circulate them to the public -- there's no benefit over paper money! Also, counterfeiting becomes a nightmare when it only takes a simple cut-and-paste operation to copy money. There must be a way to prevent the same long random number, the money number, from being spent more than once. However, tomorrow is another today, Satoshi grabbed his toothbrush and set off for bed.
While in the shower the next morning, a lightbulb went on over Satoshi's head after he flipped the switch on the wall. A few minutes later, after his eyes adjusted to the annoying overhead light, he thought of a potential answer to his problem -- public and private keys! It was so obvious. He realized that if he creates a system where the money number changes every time it's spent, it'll be impossible to spend a money number more than once. Every person will simply create a random number that they give to everyone (a public key) and a random number that they keep hidden from everyone (a private key). These public and private keys are related to each other in a few special ways. For example, when a money number is combined with the private key, someone can use the related public key to prove that a specific hidden private key was used. When someone wants to spend a money number, they combine it with their private key to prove to the receiver, who uses the related public key, that the money is coming from the person who has control of the private key. Another property of the public and private keys is that someone can combine the money number with a public key in such a way that only the owner of the private key related to that public key will be able to figure out what the original money number is.
How do we use these public and private keys to change the money number after it's spent each time? One more thing is needed, something called a hash. A hash is simply a thing that can take a bunch of numbers and combine them into a single number, or hash value. However, it's very difficult to go the other way -- you can't simply figure out the original numbers from the hash value. A hash lets us nicely package up a previous transaction.
Phew. It looks like Satoshi finally figured out a bunch of tools that can be used to create a chain -- a secure list of transactions. When it comes to money numbers, a transaction is simply a bunch of numbers that prove the transaction took place. To prove his concept, Satoshi gave one of his money numbers to Alice (for free!). So, now Alice has a money number and wants to give it to Bob to pay him back after that trip to New Mexico. Also, Alice and Bob both have public and private keys. Alice creates a new transaction by combining her private key with the hash number of all numbers in the previous transaction. She then combines it with Bob's public key before she sends it off to Bob. Bob can then verify that the money number is worth something by checking it against Alice's public key and the public keys of people who held the money number before Alice.
Problem solved! But wait, later on we discovered that Alice double spent her money number and sent it to Craig to get some homeopathic flavored toothpicks. This is a serious problem (homeopathic flavored toothpicks also don't clean your teeth very well). How do we know Alice didn't also do the same exact thing with someone else? There's nothing stopping her from double spending a money number, or even spending the money number thousands of times. We need a way to make sure Alice can't keep sending her single money number to thousands of people.
Satoshi was pissed at Alice for cheating the system. I mean, how could she? He could see this kind of thing happening with Craig, but Alice is usually honest. Disappointed, he went down to the train station to catch the subway to the bar for a late happy hour with Adam. The train was late so he looked up the schedule. Since the clock on the wall said 5:15, he knows for sure that he already missed the 4:58. Wait, that's it -- we can combine the transaction with a time value! We need to set up a centralized server that creates hashes made up of the time, the transaction, and the value of the previous hash the centralized server created. The server will then make all of these hashes public to everyone. Now we can verify that Alice (and anyone else) didn't double spend their money number because we can figure out what transaction took place first.
But wait, we're back where we started. Satoshi's whole problem started because a bank can perform a chargeback. What's stopping the person running the centralized hash-time server from rolling back the server whenever they want to undo transactions? Nothing, that's what. We need a way to get rid of the centralized time server.
Finally arriving at the bar, Satoshi met up with Adam and ordered their monkey knife fight ale (which was quite awesome). Satoshi brought up the topic of Alice and how she's trying to cheat the system. He also mentioned the centralized time server thing. What Satoshi didn't know is that Adam came up with an idea to solve this problem a few years back. He called the concept "proof of work".
While Satoshi is downing a few beers, Adam goes on to describe his proof of work concept, which depends on performing the really difficult operation of finding hash values with special properties. For example, finding a hash value that has a certain number of leading zero bits increases exponentially in difficulty as the number of required zero bits increases. Hashes with these special properties can only be found by brute force. Every time someone is successful at this brute force operation, they combine it with the previous special hash value and an incrementing number (which determines how slowly to decrease the number of zero bits). Each hash value and incrementing number is called a block. When the blocks are combined together (linked by containing the previous block's hash), they're called a block chain. Since the block chain grows so slowly due to the brute force operation, everyone can trust that a block chain is the trusted chain by simply looking at how long it is. The longest block chain is the most trustworthy one. The longest block chain can be used to determine a trustworthy ordering of all transactions. Our centralized time server is no longer needed.
Satoshi, now six beers in, was like woah dude, look at that squirrel over there!
The next morning, with a blistering headache, Satoshi remembered the night before and realized he could adopt Adam's design. He would use the concept Adam described, but would also place a bunch of previously processed transactions into the block as well. That way, it would act as a distributed ledger of historical transactions. New transactions would need consensus among a few people before they were valid, but old transactions could be proven based on this distributed ledger contained in the block chain.
Everything was starting to come together, everyone would be sent a copy of the longest block chain and people would help to brute force the distributed clock. Satoshi was even nice enough to have a special rule where the first transaction in a new block is a free money number given to the person who successfully brute forced the block. This ensures that there's motivation for everyone to brute force the blocks (aka mining) and build the distributed ledger -- they get some money for it!
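Here is the mechanism from the last few paragraphs (Adam's leading-zero-bits brute force, the link to the previous block's hash, the time value, transactions bundled into each block with the miner's reward first, and the chain order settling which of Alice's spends came first) as a small Python toy. This is an added illustration, not code from the post or from bitcoin; the SHA-256 hashing, the JSON block layout, the 12-bit difficulty and the sample transactions are all constructed here.

```python
import hashlib, json

def leading_zero_bits(hex_digest):
    # SHA-256 digests are 256 bits; bit_length() skips the leading zeros.
    return 256 - int(hex_digest, 16).bit_length()

def block_hash(prev_hash, timestamp, transactions, nonce):
    # One hash over the previous block's hash, a time value, the transactions
    # and the incrementing number (nonce), as described in the post.
    header = json.dumps([prev_hash, timestamp, transactions, nonce], sort_keys=True)
    return hashlib.sha256(header.encode()).hexdigest()

def mine_block(prev_hash, timestamp, transactions, difficulty_bits):
    # Brute force: bump the nonce until the hash has enough leading zero bits.
    nonce = 0
    while leading_zero_bits(block_hash(prev_hash, timestamp, transactions, nonce)) < difficulty_bits:
        nonce += 1
    return {"prev_hash": prev_hash, "timestamp": timestamp, "transactions": transactions,
            "nonce": nonce, "hash": block_hash(prev_hash, timestamp, transactions, nonce)}

def chain_is_valid(chain, difficulty_bits):
    # Re-derive every hash: an edited transaction, nonce or link breaks the chain.
    prev = "0" * 64  # constructed genesis link: nothing precedes the first block
    for b in chain:
        h = block_hash(b["prev_hash"], b["timestamp"], b["transactions"], b["nonce"])
        if b["prev_hash"] != prev or h != b["hash"] or leading_zero_bits(h) < difficulty_bits:
            return False
        prev = h
    return True

def first_spend(chain, money_number):
    # Chain order decides which spend came first; any later spend is the double spend.
    for height, b in enumerate(chain):
        for tx in b["transactions"]:
            if tx.get("money_number") == money_number and "from" in tx:
                return height, tx["to"]
    return None

def build_demo_chain(difficulty_bits=12):
    # Constructed sample: each block's first transaction is the reward to its miner.
    payloads = [(1700000000, [{"to": "miner1", "money_number": "m1"}]),
                (1700000600, [{"to": "miner2", "money_number": "m2"},
                              {"from": "alice", "to": "bob", "money_number": "m1"}]),
                (1700001200, [{"to": "miner3", "money_number": "m3"},
                              {"from": "alice", "to": "craig", "money_number": "m1"}])]
    chain, prev = [], "0" * 64  # constructed genesis link
    for timestamp, txs in payloads:
        chain.append(mine_block(prev, timestamp, txs, difficulty_bits))
        prev = chain[-1]["hash"]
    return chain
```

Running `build_demo_chain()` shows the ordering the post cares about: `first_spend(chain, "m1")` points at Bob in the second block, so the later transfer to Craig is the double spend, and editing that earlier transaction after the fact makes `chain_is_valid` fail because every following hash no longer matches.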
Satoshi then went on to create this system that we know today as bitcoin. However, Satoshi has other plans for his life besides bitcoin and moved to [redacted] for a bit until he can be sure of [redacted].