Bitcoin protocol

Blockchain technology is a decentralized and secure digital ledger that records transactions across a network of computers. It ensures transparency, immutability, and tamper resistance, making data manipulation difficult. Blockchain is the underlying technology for cryptocurrencies like bitcoin and has applications beyond finance, such as supply chain management and smart contracts. Transactions The network requires minimal structure to share transactions. An ad hoc decentralized network of volunteers is sufficient. Messages are broadcast on a best-effort basis, and nodes can leave and rejoin the network at will. Upon reconnection, a node downloads and verifies new blocks from other nodes to complete its local copy of the blockchain. ==Mining==

-based mining rig, 2012 Bitcoin uses a proof-of-work system or a proof-of-transaction to form a distributed timestamp server as a peer-to-peer network. Requiring a proof of work to accept a new block to the blockchain was Satoshi Nakamoto's key innovation. The mining process involves identifying a block that, when hashed twice with SHA-256, yields a number smaller than the given difficulty target. While the average work required increases in inverse proportion to the difficulty target, a hash can always be verified by executing a single round of double SHA-256. For the bitcoin timestamp network, a valid proof of work is found by incrementing a nonce until a value is found that gives the block's hash the required number of leading zero bits. Once the hashing has produced a valid result, the block cannot be changed without redoing the work. As later blocks are chained after it, the work to change the block would include redoing the work for each subsequent block. If there is a deviation in consensus then a blockchain fork can occur. Majority consensus in bitcoin is represented by the longest chain, which required the greatest amount of effort to produce. If a majority of computing power is controlled by honest nodes, the honest chain will grow fastest and outpace any competing chains. To modify a past block, an attacker would have to redo the proof-of-work of that block and all blocks after it and then surpass the work of the honest nodes. The probability of a slower attacker catching up diminishes exponentially as subsequent blocks are added. Computing power is often bundled together or "pooled" to reduce variance in miner income. Individual mining rigs often have to wait for long periods to confirm a block of transactions and receive payment. In a pool, all participating miners get paid every time a participating server solves a block. This payment depends on the amount of work an individual miner contributed to help find that block, and the payment system used by the pool. Environmental effects -based mining machine Mined bitcoins By convention, the first transaction in a block is a special transaction that produces new bitcoins owned by the creator of the block. This is the incentive for nodes to support the network. The next halving is expected to occur in 2028, when the block reward will fall to 1.625 bitcoins. This halving process is programmed to continue a maximum of 64 times before new coin creation ceases. ==Payment verification==

Each miner can choose which transactions are included in or exempted from a block. A greater number of transactions in a block does not equate to greater computational power required to solve that block. As noted in Nakamoto's whitepaper, it is possible to verify bitcoin payments without running a full network node (simplified payment verification, SPV). A user only needs a copy of the block headers of the longest chain, which are available by querying network nodes until it is apparent that the longest chain has been obtained; then, get the Merkle tree branch linking the transaction to its block. Linking the transaction to a place in the chain demonstrates that a network node has accepted it, and blocks added after it further establish the confirmation. == Protocol features ==

Security Various potential attacks on the bitcoin network and its use as a payment system, real or theoretical, have been considered. The bitcoin protocol includes several features that protect it against some of those attacks, such as unauthorized spending, double spending, forging bitcoins, and tampering with the blockchain. Other attacks, such as theft of private keys, require due care by users. Unauthorized spending Unauthorized spending is mitigated by bitcoin's implementation of public-private key cryptography. For example, when Alice sends a bitcoin to Bob, Bob becomes the new owner of the bitcoin. Eve, observing the transaction, might want to spend the bitcoin Bob just received, but she cannot sign the transaction without the knowledge of Bob's private key. A variant race attack (which has been called a Finney attack by reference to Hal Finney) requires the participation of a miner. Instead of sending both payment requests (to pay Bob and Alice with the same coins) to the network, Eve issues only Alice's payment request to the network, while the accomplice tries to mine a block that includes the payment to Bob instead of Alice. There is a positive probability that the rogue miner will succeed before the network, in which case the payment to Alice will be rejected. As with the plain race attack, Alice can reduce the risk of a Finney attack by waiting for the payment to be included in the blockchain. History modification Each block that is added to the blockchain, starting with the block containing a given transaction, is called a confirmation of that transaction. Ideally, merchants and services that receive payment in bitcoin should wait for at least a few confirmations to be distributed over the network before assuming that the payment was done. The more confirmations that the merchant waits for, the more difficult it is for an attacker to successfully reverse the transaction—unless the attacker controls more than half the total network power, in which case it is called a 51% attack, or a majority attack. Although more difficult for attackers of a smaller size, there may be financial incentives that make history modification attacks profitable. Quantum-Enabled Attacks The cryptographic primitives employed by Bitcoin are pre-quantum and therefore vulnerable to an attack from a adversary with a cryptographically-relevant, general-purpose quantum computer. The Bitcoin protocol uses the Elliptic Curve Digital Signature Algorithm (ECDSA) to sign and verify transactions. ECDSA is vulnerable to attacks from a quantum computer due to its reliance on the security of the discrete logarithm problem. The Bitcoin protocol allows senders to send Bitcoin to the hash of the recipient's public key. The hash obscures the public key of the recipient and is therefore quantum-resistant while unspent. However, in order for the recipient to transact with the received bitcoin, the recipient would need to broadcast their public key. This broadcast could allow a quantum-enabled attacker to derive the private key from the public key and steal the Bitcoin. Additionally, the security of the proof of work may be vulnerable to a general-purpose quantum computer with sufficient depth and stability to perform hashing. Grover's algorithm can be applied to the hash-based proof of work of the Bitcoin protocol to quadratically reduce the time it takes to find a valid nonce. If such quantum computers were available that could perform Grover's algorithm on a hash-based, proof-of-work blockchain, an attacker would very likely be capable of performing a 51% attack due to the massive speed-up. Scalability Privacy Deanonymisation of clients Deanonymisation is a strategy in data mining in which anonymous data is cross-referenced with other sources of data to re-identify the anonymous data source. Along with transaction graph analysis, which may reveal connections between bitcoin addresses (pseudonyms), there is a possible attack which links a user's pseudonym to its IP address. If the peer is using Tor, the attack includes a method to separate the peer from the Tor network, forcing them to use their real IP address for any further transactions. The cost of the attack on the full bitcoin network was estimated to be under €1500 per month, as of 2014. == See also ==