Hi, welcome back. In the previous two lessons, we talked at length about sentences one and two in the abstract of Satoshi Nakamoto's 2009 paper which launched bitcoin. Since we covered a lot of background in the previous two talks, this one and the next will proceed more quickly. We'll talk about sentences three through five in this talk and six through eight in the next. Sentence three, quote, we propose a solution to the double-spending problem using a peer-to-peer network, unquote. Preventing double-spending is what ensures that if I have two bitcoins, I don't send you two bitcoins and someone else the same two. When a bitcoin minored the sides to include my transaction in a block, a check must be performed to ensure that I have the funds to perform the transaction. This is done by referring to the uncommitted transaction output or UXTO cash. The UXTO is built from the current block chain. It is a list of all the transactions which have not been used as input to other transactions. When I constructed my bitcoin transaction to you, I included two source transactions. Each awarding me 1.5 bitcoins. The minor checks the UXTO to see that indeed I have not yet spent those bitcoins, which I claim as inputs to my current transaction. When the minor verifies that my input transactions are valid, they are removed from his UXTO. So that if in a subsequent transaction, I attempt to double spend those bitcoins, the transaction will be rejected. What's important to understand is that every step of the minors activity can be verified as legitimate from the information contained in the published block chain. Once the minor successfully publishes the block with my transaction to you in it, every other minor can verify that the block was processed correctly. And again, the fact that there are many minors competing to publish a blog means that the blog publishing is a neutral force in the game. It's a necessary effort, but it's based on compute power as a commodity. The fourth sentence in the abstract is quote, the network time stamps transactions by hashing them into an ongoing chain of hash-based proof of work, forming a record that cannot be changed without redoing that proof of work. Here the notion of a timestamp is quite standard and easy to comprehend. The idea is to publish the block hash as composed of the previous block hash and the hash of all the transactions in the current clock, in a public place, so that everyone knows when particular blocks are published. The fact that each new blocked hash includes the hash of the latest block in the current chain firmly establishes the blocks position in the chain and also ensures that no data from the current chain or new block has been altered. The role of prove of work requires some explanation. Recall that hashes are used extensively to reduce data of arbitrary length to data of constant length. 32 bytes in the case of bitcoin. So all the transactions in a block are hashed into a single 32 byte value, which represents those transactions. No transaction can be modified without affecting the hash. If we take the overall hash of the previous block and hash it with the hash of the contents of this block, the resulting hash which is the overall hash of the current block represents the entire block chain ending in our new block. If this was all that was needed to publish a block, we'd have a problem. The problem would be that for hundreds or even thousands of blocks would be published every few seconds from around the world and deciding which to accept into the block shame would be chaotic and difficult. Enter the proof of work. This is a cryptographically hard to solve problem such that the fastest and most powerful computer systems in the world need about ten minutes to solve the problem. This guarantees that there will be very few blocks, if any at all published at the same time. This cryptographically hard problem is finding a value called a nonce. If you hash the overall value of a block with it's nonce, you'll get a hash that has 61, at least 61 leading 0's. Because SHA256 is a well-behaved hatch, there is no way to solve the problem analytically. It has to be done through trial and error. What interesting about the nonce is that although it takes huge computational power to find, it only takes a simple machine a few micro seconds to verify it. All you have to do is compute the hash of the overall block. Hash it with the nonce and observe that it has at least 61 leading 0's. The bitcoin software allows for the number of leading zeroes to be adjusted as computational power the network expands. This is done to keep the block publishing rate to every ten minutes or so. Thus, the proof of work idea is critical to how bitcoin works. On to sentence five, quote, the longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power, unquote. It stands to reason that if you have two supercomputers properly configured, you will produce more bitcoin blocks than someone who has only one supercomputer. Occasionally, however, by pure chance, someone with a lesser capable machine will publish a blog. This competitive process will create a market of high performing machines competing for the bitcoin rewards for publishing blogs. Originally, the mining machines were single machines. The reward in bitcoins was lucrative, 50 bitcoins per block. But since raw compute power, the ability to produce SHA256 hashes was equivalent to money. Some went all out in pursuit of bitcoin money. To this end, custom integrated circuits designed to perform the SHA256 hash were produced. Data centers with thousands of computers replaced the individual miner. The machines required power and gravitated to where electrical power was the cheapest, China. China is estimated to be home to 60 to 75% of the bitcoins in circulation. But even the most powerful systems, successfully mine two or three blocks per day. We'll see in a minute why the number of miners and the competition among them is so important. Thank you very much for your attention and your patience. Next lesson, we'll conclude our discussion of bitcoin by talking about sentences six through eight in the abstract and by reflecting on how security is implemented in the bitcoin.
