1.1 Satoshi Nakamoto's Whitepaper
On October 31, 2008, an anonymous individual or group using the pseudonym "Satoshi Nakamoto" published a 9-page document titled "Bitcoin: A Peer-to-Peer Electronic Cash System." This whitepaper would fundamentally transform our understanding of money, trust, and decentralized systems.
The Problem Statement
Satoshi began with a clear articulation of the problem with existing electronic payment systems:
"Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model." Bitcoin Whitepaper, 2008
Digital data can be copied infinitely. Without a central authority, how can we prevent someone from spending the same digital money twice? This was the fundamental challenge that prevented previous attempts at digital cash.
The Solution: Proof of Work Chain
Bitcoin's elegant solution combined several existing cryptographic concepts in a novel way:
- Timestamps via hash chain: Transactions are grouped into blocks, each containing a hash of the previous block, creating an immutable chronological record.
- Proof of Work: Miners must expend computational resources to add blocks, making it economically infeasible to rewrite history.
- Longest chain rule: Nodes accept the longest valid chain as the true state, creating eventual consensus without central coordination.
- Economic incentives: Miners are rewarded with new bitcoins, aligning their economic interest with network security.
Historical Timeline
Every blockchain professional should read the original whitepaper. At only 9 pages, it remains the most elegant explanation of how Bitcoin works. Access it at: bitcoin.org/bitcoin.pdf
1.2 The UTXO Model
Bitcoin uses the Unspent Transaction Output (UTXO) model for tracking ownership. Unlike a bank account with a balance, Bitcoin tracks discrete "coins" that can be spent exactly once. Understanding UTXO is fundamental to understanding Bitcoin's security model.
How UTXO Works
Think of UTXOs as physical bills or coins in a wallet. When you have a $20 bill and need to pay $15, you can't tear the bill - you give the whole $20 and receive $5 change. Bitcoin works the same way:
0.01 BTC goes to miner as transaction fee (Input - Outputs = Fee)
UTXO vs Account Model
| Aspect | UTXO (Bitcoin) | Account (Ethereum) |
|---|---|---|
| State Tracking | Set of unspent outputs | Account balances |
| Privacy | Better - new address per transaction | Worse - reusing addresses |
| Parallelization | Easier - independent UTXOs | Harder - sequential nonces |
| Smart Contracts | Limited (Bitcoin Script) | Full Turing completeness |
| Storage | Grows with transactions | More compact for active accounts |
UTXO Set Size
The UTXO set is the complete collection of all unspent outputs at any point in time. As of 2024, this set contains approximately:
- ~100 million UTXOs in total
- ~5-6 GB of data that full nodes must store
- Must be kept in fast-access memory for validation
Very small UTXOs (called "dust") can become economically unspendable when transaction fees exceed their value. Avoid creating UTXOs smaller than ~546 satoshis (the dust limit).
1.3 Bitcoin Transactions & Script
Bitcoin transactions are not simple "send X to Y" commands. They are programs written in Bitcoin Script, a purposefully limited stack-based language that defines the conditions under which funds can be spent.
Transaction Structure
// Simplified Bitcoin Transaction Structure { "version": 2, "inputs": [ { "txid": "abc123...", // Previous tx hash "vout": 0, // Output index "scriptSig": "...", // Unlocking script "sequence": 0xffffffff } ], "outputs": [ { "value": 50000000, // Satoshis (0.5 BTC) "scriptPubKey": "..." // Locking script } ], "locktime": 0 }
Bitcoin Script
Bitcoin Script is intentionally NOT Turing-complete. It lacks loops to prevent infinite execution and ensure transactions can be validated in bounded time.
Common Script Types
| Script Type | Address Prefix | Use Case |
|---|---|---|
| P2PKH (Legacy) | 1... | Standard single-sig transactions |
| P2SH | 3... | Multi-sig, complex conditions |
| P2WPKH (SegWit) | bc1q... | Efficient single-sig, lower fees |
| P2TR (Taproot) | bc1p... | Privacy, smart contracts |
SegWit: Segregated Witness
Activated in August 2017, SegWit was a soft fork that:
- Fixed transaction malleability: Witness data (signatures) moved outside the transaction ID calculation
- Increased capacity: Effective block size increased to ~2MB
- Enabled Layer 2: Lightning Network became possible
- Reduced fees: Witness data discounted in fee calculation
Always use native SegWit (bc1q) or Taproot (bc1p) addresses. They offer lower fees, better privacy, and improved security compared to legacy addresses.
1.4 Mining & Proof of Work
Bitcoin mining is the process by which new transactions are added to the blockchain and new bitcoins are created. Miners compete to solve a computational puzzle, and the winner earns the right to add the next block plus a reward.
The Mining Process
- Collect transactions: Miners gather unconfirmed transactions from the mempool
- Build block header: Construct header with previous block hash, merkle root, timestamp, difficulty target, and nonce
- Hash and compare: SHA-256 hash the header and check if result is below target
- Increment nonce: If hash fails, change nonce and try again (billions of times per second)
- Broadcast block: When valid hash found, broadcast block to network
Mining Economics
| Metric | Value (2024) |
|---|---|
| Network Hashrate | ~500 EH/s (500 quintillion hashes/second) |
| Block Reward | 3.125 BTC (post-April 2024 halving) |
| Annual Energy Consumption | ~120-150 TWh (comparable to Argentina) |
| Mining Hardware | ASIC only (Application-Specific Integrated Circuit) |
Mining Pools
Solo mining is no longer viable for most participants. Mining pools combine hashrate from thousands of miners and distribute rewards proportionally:
- Foundry USA: ~30% of hashrate (US-based)
- AntPool: ~20% (Bitmain-affiliated)
- F2Pool: ~15% (One of the oldest pools)
- ViaBTC: ~10%
If a single pool exceeds 51% hashrate, it could theoretically perform double-spend attacks. The Bitcoin community actively monitors pool distribution and encourages miners to switch pools if concentration becomes dangerous.
1.5 The Halving Cycle
Bitcoin's monetary policy is defined by a predictable, immutable supply schedule. Every 210,000 blocks (~4 years), the block reward is cut in half. This creates a disinflationary supply curve that will eventually cap at 21 million BTC.
Bitcoin has a mathematically enforced maximum supply of 21 million BTC. This cannot be changed without consensus from the entire network - effectively impossible given the economic incentives of existing holders.
Halving History
| Halving | Date | Block Height | Reward | Total BTC Mined |
|---|---|---|---|---|
| Genesis | Jan 2009 | 0 | 50 BTC | 0 |
| 1st Halving | Nov 2012 | 210,000 | 25 BTC | 10.5M |
| 2nd Halving | Jul 2016 | 420,000 | 12.5 BTC | 15.75M |
| 3rd Halving | May 2020 | 630,000 | 6.25 BTC | 18.375M |
| 4th Halving | Apr 2024 | 840,000 | 3.125 BTC | 19.6875M |
Supply Schedule Mathematics
The total supply can be calculated as a geometric series:
// Total Bitcoin Supply Calculation Total = 210,000 blocks x (50 + 25 + 12.5 + 6.25 + ...) BTC Total = 210,000 x 50 x (1 + 0.5 + 0.25 + 0.125 + ...) Total = 210,000 x 50 x 2 // Geometric series sum Total = 21,000,000 BTC // Last satoshi will be mined approximately in year 2140
Stock-to-Flow Model
The halving creates a predictable "stock-to-flow" ratio - the ratio of existing supply to annual new production:
- Pre-2024: S2F ~56 (comparable to gold)
- Post-2024: S2F ~112 (exceeds gold's ~62)
- Post-2028: S2F ~224
Historically, Bitcoin has experienced significant price appreciation in the 12-18 months following each halving. However, past performance does not guarantee future results, and Bitcoin remains highly volatile.
1.6 Network Security & Attack Vectors
Bitcoin's security rests on economic incentives and cryptographic guarantees. Understanding potential attack vectors is crucial for blockchain professionals assessing risk and advising clients.
The 51% Attack
Economics of 51% Attack on Bitcoin
| Cost Component | Estimate (2024) |
|---|---|
| Hardware (250 EH/s) | $10-15 billion |
| Electricity (per day) | $50-100 million |
| Opportunity cost (lost rewards) | ~$30 million/day |
The attack is economically irrational because success would crash Bitcoin's price, destroying the value of the attacker's hardware investment.
Other Attack Vectors
- Selfish Mining: Withholding blocks to gain unfair advantage (requires ~25%+ hashrate)
- Eclipse Attack: Isolating a node from honest peers by controlling all its connections
- Sybil Attack: Creating many fake identities (mitigated by PoW cost)
- Transaction Malleability: Largely fixed by SegWit
- Dust Attack: Sending tiny amounts to track wallet activity
Confirmation Security
The industry standard of waiting for 6 confirmations (~1 hour) makes transaction reversal practically impossible. The probability of successful attack decreases exponentially with each confirmation.
| Confirmations | Time | Recommended For |
|---|---|---|
| 0 (unconfirmed) | 0 min | Low value, trusted parties |
| 1 | ~10 min | Small purchases |
| 3 | ~30 min | Medium transactions |
| 6 | ~60 min | Large transactions, exchanges |
| 60+ | ~10 hours | Multi-million dollar settlements |
Key Takeaways
- Bitcoin solved the double-spend problem without trusted third parties using Proof of Work consensus
- UTXO model tracks discrete coins, not balances - better for privacy and parallelization
- Bitcoin Script is intentionally limited to ensure bounded validation time
- Mining difficulty adjusts every 2,016 blocks to maintain 10-minute block time
- Halving every 210,000 blocks creates predictable monetary policy capping at 21M BTC
- 51% attack is economically irrational on Bitcoin due to hardware investment destruction
- 6 confirmations is the industry standard for transaction finality