User talk:Richardbondi

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Welcome[edit]

Hi and welcome to wikipedia. I hope you like it and decide to stay. Here are some handy links for newcomers.

Also you can sign your name on talk pages and vote pages with three tildes like this ~~~, and your name with a time stamp with four like this ~~~~. If you have any questions, ask me on my talk page. Father Howabout1 Talk to me! 15:51, August 13, 2005 (UTC)

Bold, revert, discuss[edit]

Hi Richard. Apologies for any confusion about your recent Bitcoin edits, but the Wikipedia:BOLD, revert, discuss cycle is normal here. I've started a thread on the talk page about it, so I suggest that's the place to continue the discussion. Thanks for your edit! Fleetham (talk) 03:55, 4 April 2014 (UTC)

RFC: Proposed "Overview" section for Bitcoin entry[edit]

@Fleetham: wrote on 4/3/2014, in the Bitcoin talk section:

Hi, and thanks for your recent edit. You added a large amount of material to the very start of the article. A WP:BOLD move indeed. Congrats! As adding such a large amount of uncited material is unusual, I'd like to discuss the changes here. There's a couple of concerns... The edit lacks sources, and may be WP:Original research. And while your content additions are appreciated, I'm also not sure the best place for a detailed discussion of double spending is at the top of the page. Let's continue to discuss the changes referring to the Wikipedia:BOLD, revert, discuss cycle if needed. Fleetham (talk) 04:01, 4 April 2014 (UTC)

I wrote:

@Fleetham: Thanks, Fleetham. I've moved my proposed entry to User:Richardbondi could we & others please discuss it there?

I'm proposing this as the second section of the Bitcoin article; I've pasted the first of eight paragraphs below so interested readers can decide if they want to click through and discuss the rest.

Re Fleetham's comments[edit]

  1. I have not been able to find a comparably comprehensible explanation of its functioning anywhere, even on Wikipedia. My intention by being Bold was to get my account edited by others who understand how Bitcoin works.
  2. My source is an online article I have written, which in turn cites the original Bitcoin white paper; could someone suggest where in my Wikipedia entry I could best add it as a reference?
  3. I thought the second main heading of the Bitcoin article was the appropriate place to put my Overview because: (1) people presumably come to the article to find out first _what_ Bitcoin is and then second immediately _how_ it works; (2) the current entry does indeed follow this format, but IHMO the current explanation of how Bitcoin works is too difficult to follow without the kind of Overview that I am proposing.

Proposed "Overview" section for Bitcoin[edit]

Overview[edit]

Just as a ledger can be used to record transfers of conventional money like dollars from payers to payees, all Bitcoin transfers are recorded in a ledger, called the "blockchain". However, whereas a conventional ledger records the transfer of actual dollar bills or promisory notes that exist apart from it, in the case of Bitcoin, only the blockchain exists: there are no actual coins or bills or other entities. It simply records the transfer of numbers from a payer to a payee, and those numbers are called "Bitcoins". What has made it viable as a currency is the system that makes it virtually impossible to create fraudulent entries in the blockchain ledger; most notably, entries cannot be fraudulently added or modified or deleted. What is remarkable is that this is accomplished without any central authority or server. Bitcoin servers form a network by simply connecting to each other over the Internet, and broadcasting any blockchain ledger additions they make to each other.

There are two main ways the blockchain ledger can be corrupted to commit fraud: by adding to it, or by modifying it. Bitcoin prevents both as follows.

The Addition Attack and digital signatures[edit]

Payers and payees are identified in the blockchain by their public cryptographic keys: most Bitcoin transfers are from one public key to a different public key. In principle, an attacker Eve could steal money from Alice and Bob by simply adding transactions to the blockchain ledger like "Alice pays Eve 100 Bitcoins", "Bob pays Eve 100 Bitcoins", and so on, using of course these people's public keys instead of their names. The Bitcoin protocol prevents this kind of theft by requiring every transfer to be signed with the payer's private key; only signed transfers can be added to the blockchain ledger.

The Modification Attack and mining[edit]

The other principle way to steal Bitcoins would be to modify blockchain ledger entries. Eve could buy something from Alice, like a sofa, by adding a signed entry to the blockchain ledger equivalent to "Eve pays Alice 100 Bitcoins"; later, after receiving the sofa, Eve could modify that blockchain ledger entry to read "Eve pays Alice 1 Bitcoin", or even delete the entry. Digital signatures cannot prevent against this attack: Eve can simply sign her entry again after modifying it!

To prevent against modification attacks, the Bitcoin protocol requires entries be added to the blockchain not one at a time, but in groups or "blocks". Furthermore, each block must be accompanied by a hash of three things: the hash of the previous block, the block itself, and a number called a "nonce". A hash of only the first two items will, like any cryptographic hash, always have a fixed number of bits (eg 256 for SHA-256). The nonce is a number which, when included, yields a hash with a specified number of zero bits. Because cryptographic hashes are essentially random, in the sense that their output cannot be predicted from their inputs, there is only one known way to find the nonce: to try out integers one after the other, e.g. 1, then 2, then 3, and so on. This process is called mining. The larger the number of leading zeros, the longer on average it will take to find a requisite nonce. The Bitcoin protocol adjusts the number of leading zeros so that the average time to find a nonce is about ten minutes. As computer hardware gets faster over the years, the Bitcoin protocol will simply require more leading zero bits.

This prevents modification attacks in part because an attacker has to recalculate all the hashes of the blocks after the modified one. In the example above, if Eve wants to change "100 Bitcoins" to "1 Bitcon", she will not only have to recompute the hash of the block that transaction is in, but of all the blocks that come after it; she will have to recreate the chain of blocks. She can do this, but it will take her time; about ten minutes on average per block. However, during that time, the network will continue to add blocks, and it will do so much faster than Eve alone can mine. Eve would have to recalculate all the blocks before the network could add a new one, or at least to catch up with and overtake the network miners. To do this, she would have to have much more computing power than all of the existing Bitcoin miners combined. This would be very expensive and, if the Bitcoin network is large enough, infeasible; furthermore, because of two additional features of the Bitcoin protocol, it would make more financial sense for Eve to devote those resources to normal Bitcoin mining instead.

Incentives to mine[edit]

Miners have two incentives to mine. First of all, as a reward for finding a nonce, they are allowed to allot themselves a certain number of Bitcoins "out of thin air". Second, every payer can include an optional "transaction fee", which can be thought of as a kind of tip before a service is rendered rather than after. A miner who finds a nonce can transfer all the transaction fees in that block to herself. Payers have an incentive to include transaction fees because their transactions will likely be added to the blockchain sooner: miners prefer to include such transactions in their blocks.

In the Bitcoin protocol, the number of Bitcoins that can be manufactured "out of thin air" decreases steadily over time, and will eventually be zero. After that time, miners' only incentive will be transaction fees.

Overview[edit]

Just as a ledger can be used to record transfers of conventional money like dollars from payers to payees, all Bitcoin transfers are recorded in a ledger, called the "blockchain". However, whereas a conventional ledger records the transfer of actual dollar bills or promisory notes that exist apart from it, in the case of Bitcoin, only the blockchain exists: there are no actual coins or bills or other entities. It simply records the transfer of numbers from a payer to a payee, and those numbers are called "Bitcoins". What has made it viable as a currency is the system that makes it virtually impossible to create fraudulent entries in the blockchain ledger; most notably, entries cannot be fraudulently added or modified or deleted. What is remarkable is that this is accomplished without any central authority or server. Bitcoin servers form a network by simply connecting to each other over the Internet, and broadcasting any blockchain ledger additions they make to each other.

There are two main ways the blockchain ledger can be corrupted to commit fraud: by adding to it, or by modifying it. Bitcoin prevents both as follows.

The Addition Attack and digital signatures[edit]

Payers and payees are identified in the blockchain by their public cryptographic keys: most Bitcoin transfers are from one public key to a different public key. In principle, an attacker Eve could steal money from Alice and Bob by simply adding transactions to the blockchain ledger like "Alice pays Eve 100 Bitcoins", "Bob pays Eve 100 Bitcoins", and so on, using of course these people's public keys instead of their names. The Bitcoin protocol prevents this kind of theft by requiring every transfer to be signed with the payer's private key; only signed transfers can be added to the blockchain ledger.

The Modification Attack and mining[edit]

The other principle way to steal Bitcoins would be to modify blockchain ledger entries. Eve could buy something from Alice, like a sofa, by adding a signed entry to the blockchain ledger equivalent to "Eve pays Alice 100 Bitcoins"; later, after receiving the sofa, Eve could modify that blockchain ledger entry to read "Eve pays Alice 1 Bitcoin", or even delete the entry. Digital signatures cannot prevent against this attack: Eve can simply sign her entry again after modifying it!

To prevent against modification attacks, the Bitcoin protocol requires entries be added to the blockchain not one at a time, but in groups or "blocks". Furthermore, each block must be accompanied by a hash of three things: the hash of the previous block, the block itself, and a number called a "nonce". A hash of only the first two items will, like any cryptographic hash, always have a fixed number of bits (eg 256 for SHA-256). The nonce is a number which, when included, yields a hash with a specified number of zero bits. Because cryptographic hashes are essentially random, in the sense that their output cannot be predicted from their inputs, there is only one known way to find the nonce: to try out integers one after the other, e.g. 1, then 2, then 3, and so on. This process is called mining. The larger the number of leading zeros, the longer on average it will take to find a requisite nonce. The Bitcoin protocol adjusts the number of leading zeros so that the average time to find a nonce is about ten minutes. As computer hardware gets faster over the years, the Bitcoin protocol will simply require more leading zero bits.

This prevents modification attacks in part because an attacker has to recalculate all the hashes of the blocks after the modified one. In the example above, if Eve wants to change "100 Bitcoins" to "1 Bitcon", she will not only have to recompute the hash of the block that transaction is in, but of all the blocks that come after it; she will have to recreate the chain of blocks. She can do this, but it will take her time; about ten minutes on average per block. However, during that time, the network will continue to add blocks, and it will do so much faster than Eve alone can mine. Eve would have to recalculate all the blocks before the network could add a new one, or at least to catch up with and overtake the network miners. To do this, she would have to have much more computing power than all of the existing Bitcoin miners combined. This would be very expensive and, if the Bitcoin network is large enough, infeasible; furthermore, because of two additional features of the Bitcoin protocol, it would make more financial sense for Eve to devote those resources to normal Bitcoin mining instead.

Incentives to mine[edit]

Miners have two incentives to mine. First of all, as a reward for finding a nonce, they are allowed to allot themselves a certain number of Bitcoins "out of thin air". Second, every payer can include an optional "transaction fee", which can be thought of as a kind of tip before a service is rendered rather than after. A miner who finds a nonce can transfer all the transaction fees in that block to herself. Payers have an incentive to include transaction fees because their transactions will likely be added to the blockchain sooner: miners prefer to include such transactions in their blocks.

In the Bitcoin protocol, the number of Bitcoins that can be manufactured "out of thin air" decreases steadily over time, and will eventually be zero. After that time, miners' only incentive will be transaction fees.