Bitcoin: Transaction block chains (video) | Khan Academy

Video transcript

The last really essential
or salient piece for understanding the
mechanics of how Bitcoins work is what we call the
transaction block chain. So if you recall in
the previous video, you had a motivating
example of a user, Alice, who wanted to send
some number of Bitcoins to another user,
Bob, in the system. And what Alice has to do to
initiate that transaction was to construct a transaction–
a record of sorts– that contained information
about the transaction and that was signed with
Alice’s signing key. And that actually contained
Alice’s public verification key and Bob’s public
verification key as well. And that transaction information
was basically broadcast out, as we mentioned, to the
entire Bitcoin ecosystem. To all the nodes on the
Bitcoin peer-to-peer network. And the various nodes
in the Bitcoin ecosystem are going to sit there. They’re going to
receive information about this transaction. But they’re also going
to be getting information about a lot of
other transactions that are taking place
around the same time. And what these notes
are going to start doing is they’re going to work on
incorporating this transaction record into a ledger of all
transactions that have ever taken place in the
Bitcoin system. And so what happens is that
each node basically starts off by taking all of the previously
unincorporated transactions that they’ve ever received. So there’s going to be all these
transactions out there that have kind of happened
within a given time window. And there’s all these
Bitcoin transactions kind of floating around. And these nodes– these Bitcoin
miners as they’re called– are going to receive
information about all these different
transactions and they’re going to start working
on incorporating those transactions. And their first goal is to
collate these transactions into what’s known as
a transaction block. So if you recall
our ledger analogy, a single Bitcoin
transaction essentially corresponds to a proposed
entry in a ledger. In that capacity,
a transaction block would basically correspond
to her page in a ledger where you have multiple
transactions that are listed in that
page of the ledger. And the goal– the Bitcoin
miner’s goal– is to really, essentially, to take
that page and get it added to the global ledger book,
the global comprehensive ledger book. Now to engage in this sort of
work, what these nodes will basically do is they’ll first
take all the transactions that have been broadcast out. And let’s say these
four transactions have been broadcast out. And they’re going to basically
hash these transactions in pairs in basically
a tree-like structure. They’ll take these
two transactions and they’ll apply a
[? graphic ?] hash function to those details. And we’ll get a
[? cars ?] flying digest, goes the same for these
two, and then they’ll take these two
digests and hash them to get a single digest value. And this digest effectively
encodes all of the transactions that were previously
unincorporated and that were received by
these individual nodes. And then this
digest is basically going to be combined with
the hash of the transaction block that was previously
accepted by the network. So you can imagine if
there is– the network will have a series
of transaction blocks that were previously accepted. And in fact, every
transaction block as I mentioned just
now incorporates the previous transaction lock. So this transaction
block will incorporate the one that was
used just before it, and this transaction
block will incorporate the one that was
used just for it. And it’s going to
go on literally until the beginning
of Bitcoin times. So this is really
where the Bitcoin– the beginning of time for
the Bitcoin system, this is just time equals
zero for Bitcoin. And they’re going to
take this last block and they’re going
to, essentially now, take this last block and combine
it with this most recent block. And so if you imagine that
you have now, not just an individual block, because
each individual block incorporates the
block before it. We’re not dealing anymore with
an isolated or distinct block of transactions, but rather
with a chain of blocks that starts literally at the
beginning of the entire Bitcoin system. Now when you do all
of this combination, at the end of the
day, you’re going to do some cryptographic
hashing and you basically will end up with a
sequence of numbers. And this sequence
of numbers will be derived by incorporating
all these blocks together. You’ll get a
sequence of numbers, and what we’re going
to basically do is take this sequence of numbers
and convert that sequence of numbers into a challenge
in a proof of work protocol. Now I did a separate video
on proof of protocols, I would encourage you
to watch that if you want to get a better
sense for how they work. But the short of it is that
what the Bitcoin mining node has to do at this point is he’ll
take that Bitcoin– he’ll take the challenge and
he’ll have to come up with a separate sequence of
numbers– which we typically termed the proof, or
the proof of work– and this proof of
work has to have a very specific
mathematical property. And what that
property entails is that if you take the
challenge numbers, and you take these
proof numbers, and you concatenate
them together, and you make them the input
to a cryptographic hash function, the
resulting output has to have a large prefix
of zeroes And that doesn’t have to be all
zeroes, but a large portion of the beginning– the
prefix– has to be all zeroes And if you think about
for a moment, given that cryptographic
hash functions, given that their output
tends to look fairly random, it’s unlikely in
any given instance that you are going
to see a proof. A proposed proof
that provides you with a large string of
zeroes at the beginning. And so what the Bitcoin miner
will have to do is on average, he’ll have to try out
many possible choices for these proof numbers
until he finally gets lucky and he stumbles
upon one that has this kind of off-beat or
strange statistical property. And the actual difficulty of
finding these proof numbers, as you can tell, is
dependent on exactly how many leading zeroes
are required. The more leading zeroes
you require in this proof, the longer it takes to
actually solve a problem. The longer it takes to
actually come up with a proof that works with respect
to a given challenge. The fewer zeroes
that you require, the less time it will take. Now the exact number of
bits of zero bits required in the Bitcoin protocol
actually does change over time. It gets calibrated. And it’s designed
to not, on average, the average time taken
across the whole system should be about 10 minutes. So you want to take about 10
minutes for at least one node to come up with a valid
proof, but keep in mind that a lot of nodes are working
on this proof concurrently. All right, now once this
proof of work is found, let’s say that the proof of
work is eventually found. The Bitcoin miner will
announce the results to the overall
peer-to-peer network. He’s going to take this proof
and really all the challenge, and so on, and he’s going to
announce it to all the notes. And they’re now going to
see that, hey, there’s this proof out there,
somebody found it. Let’s drop the other
stuff we were doing and we’re going to now
start to work and build on top of this new proof. Remember, this new proof of
this new challenge, these all incorporate all the
previous transaction blocks. Really, what they’re
starting to do is starting to work off of a
new, updated transaction block chain. And they’re going to incorporate
any new unincorporated transactions into that
new transaction blocking. Now there are a couple of
points I want to make here. So first of all, as part of
constructing these transactions blocks, and really as
part of incorporating them into a transaction block
chain, Bitcoin miners are actually allowed–
one little special treat– they are allowed to include
in that transaction block– a special node for themselves. And this node will
basically be a little reward if they can get– and
let me use the greenish color for that
reward– they could take the first block,
the first transaction item, the first
transaction record, and they can put in that
transaction record– they can assign a reward
to themselves. Now the amount of that
reward will change over time. But I do want to point out what
this transaction is typically called is called a coin-based
transaction, or a generation transaction. This is how new coins get
included in the Bitcoin system. So whenever a minor
succeeds in coming up with a proof as part of
that he’ll have been allowed to come up with his own
transaction to reward himself, a special little
reward, for extending the effort necessary to
come up with this proof and for doing all this
work associated with adding a new transaction block to
the existing transaction block chain for Bitcoin. And I think that’s reasonable. After all these notes are using
a lot of computational power to come up with these
proofs and if they’re using computational
power that must mean that somewhere along
the line, somebody is spending money on
electricity and so on. Now, I also want to point
out that in addition to this coin-base
award, the nodes who’re doing the Bitcoin mining,
the ones who succeed. Also get to collect
the transaction fees that were specified
in the transaction records. If you recall, a person issuing
a transaction in Bitcoin can allocate or set aside a
certain amount of money– maybe it can be a Bitcoin or
a fractional Bitcoin– for the node who
succeeds in coming up with the actual
proof of working, and effectively the
node that succeeds in being able to
add that transaction to the overall bitcoin
transaction block chain. And so that node that
does the work succeeds, gets a reward, another
transaction fee. Now this could actually
become quite large because the node will not
only get the transaction fee before one transaction. You’ll get the transaction
fee for all the transactions that appeared in
the current block. It’s going to give
the aggregate over all these different transactions. Now the second
point I want to make is that it might be
possible for two nodes to solve the proof of work
independently of each other. And somehow, they
both end up trying to add to that existing
chain in some ways. You make get some weird
chain forking happening. If that happens, the peers
in the Bitcoin network will basically break a tie
by sticking with the longest chain. And by longest, I
don’t mean the one that has to be the most
transactions in it. I really need the one
that has the highest aggregate difficulty
associated with that underlying proof of work protocol in each
of the transaction blocks. And we’ll basically look at
the total amount of effort that was required to generate
that chain with regard to that proof of work. And whichever chain has
the most work associated with it is a chain
that’s sacrosanct, it’s a chain that
everybody will accept. Now you may get some
word discrepancies because of network
latency issues and so on. But the idea is that after maybe
a couple of rounds when there are ties, they’ll quickly
resolve themselves as long as most of the
nodes are being honest and really stick to the
implementation of the protocol. Now since Bitcoin miners
are generating bitcoins, I think there’s an interesting
question that comes up here which is, how is the Bitcoin
money supply, controlled, and how is it managed? And I’m going to talk about that
concept in a subsequent video.