From 54a1215a9c11daa3ab29fceb0059916e7fcc91ee Mon Sep 17 00:00:00 2001 From: Jason Bisterfeldt Date: Tue, 19 Aug 2014 14:06:27 -0500 Subject: [PATCH 01/37] Update address definition Addresses are the 160-bit hash of a public key, multisignature addresses begin with three (3). --- preface.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/preface.asciidoc b/preface.asciidoc index 82e962ce..5e5ec4dd 100644 --- a/preface.asciidoc +++ b/preface.asciidoc @@ -111,11 +111,11 @@ Watch us on YouTube: link:$$http://www.youtube.com/oreillymedia$$[] This quick glossary contains many of the terms used in relation to bitcoin. These terms are used throughout the book, so bookmark this for a quick reference and clarification. -address (aka public key):: +address (sometimes mistakenly referred to as a public key):: ((("bitcoin address"))) ((("address", see="bitcoin address"))) ((("public key", see="bitcoin address"))) - A bitcoin address looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+, they always start with a one. You can have as many as you like, share them so people can send you coins. + A bitcoin address is derived from a public key, and looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+. Most addresses begin with a one, excepting multisignature addresses, which begin with a three. You can have as many as you like, share them so people can send you coins. bitcoin:: ((("bitcoin"))) From 6b852f2a8eb6a348b16983557c68a30e3794d660 Mon Sep 17 00:00:00 2001 From: Michalis Kargakis Date: Wed, 20 Aug 2014 02:31:14 +0300 Subject: [PATCH 02/37] Add missing comma --- ch08.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch08.asciidoc b/ch08.asciidoc index f0ed0ab9..6f686ee6 100644 --- a/ch08.asciidoc +++ b/ch08.asciidoc 
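Review bot: the replacement glossary line conflates two address types. On the line "+ A bitcoin address is derived from a public key, and looks like ... excepting multisignature addresses, which begin with a three", an address that begins with a three is a pay-to-script-hash address, which encodes the hash of a redeem script rather than of a public key; multisignature is only the most common script behind it. Suggest "Most addresses begin with a one; addresses that begin with a three are pay-to-script-hash addresses, commonly used for multisignature." The commit message's own wording, "the 160-bit hash of a public key", is the precise definition for the one-prefixed form and belongs in the glossary text rather than only in the commit message.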
@@ -781,5 +781,5 @@ The massive increase of total hashing power has arguably made bitcoin impervious Not all attackers will be motivated by profit, however. One potential attack scenario is where an attacker intends to disrupt the bitcoin network without the possibility of profiting from such disruption. A malicious attack aimed at crippling bitcoin would require enormous investment and covert planning, but could conceivably be launched by a well funded, most likely state-sponsored attacker. Alternatively, a well-funded attacker could attack bitcoin's consensus by simultaneously amassing mining hardware, compromising pool operators and attacking other pools with denial-of-service. All of these scenarios are theoretically possible, but increasingly impractical as the bitcoin network's overall hashing power continues to grow exponentially. Recent advancements in bitcoin, such as P2Pool mining, aim to further de-centralize mining control, making bitcoin consensus even harder to attack. -Undoubtedly, a serious consensus attack would erode confidence in bitcoin in the short term, possibly causing a significant price decline. However, the bitcoin network and software is constantly evolving, so consensus attacks would be met with immediate counter-measures by the bitcoin community, making bitcoin hardier, stealthier and more robust. +Undoubtedly, a serious consensus attack would erode confidence in bitcoin in the short term, possibly causing a significant price decline. However, the bitcoin network and software is constantly evolving, so consensus attacks would be met with immediate counter-measures by the bitcoin community, making bitcoin hardier, stealthier, and more robust. From f521a46225b4dffee12e1782f9222767ce2d2145 Mon Sep 17 00:00:00 2001 From: Michalis Kargakis Date: Wed, 20 Aug 2014 02:54:20 +0300 Subject: [PATCH 03/37] Add more missing commas --- ch09.asciidoc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) 
diff --git a/ch09.asciidoc b/ch09.asciidoc index 45b3da9c..efc37147 100644 --- a/ch09.asciidoc +++ b/ch09.asciidoc @@ -1,9 +1,9 @@ [[ch9]] -== Alternative chains, currencies and applications +== Alternative chains, currencies, and applications Bitcoin was neither the beginning nor the end of the digital currency evolution. It came from twenty years of research in distributed systems and currencies and brought a revolutionary new technology into the space: the de-centralized consensus mechanism based on Proof-of-Work. The invention at the heart of bitcoin has ushered a wave of innovation in currencies, financial services, economics, distributed systems, voting systems, corporate governance, and contracts. -In this chapter we'll examine the many offshoots of the bitcoin and blockchain inventions, the alternative chains, currencies and applications built since the introduction of this technology in 2009. +In this chapter we'll examine the many offshoots of the bitcoin and blockchain inventions, the alternative chains, currencies, and applications built since the introduction of this technology in 2009. For every alt-coin mentioned in this chapter, 50 or more will go unmentioned, eliciting howls of anger from their creators and fans. The purpose of this chapter is not to evaluate or qualify alt-coins, or to mention the most "significant" ones based on some subjective assessment. Instead, we will highlight a few examples that show the breadth and variety of the ecosystem, noting the first-of-a-kind for each innovation or significant differentiation. Some of the most interesting examples of alt-coins are in fact complete failures from a monetary perspective. That perhaps makes them even more interesting for study and highlights the fact that this chapter is not to be used as an investment guide. 
@@ -13,11 +13,11 @@ With new coins introduced every day, it would be impossible not to miss some imp Bitcoin is an open source project and its code has been used as the basis for many other software projects. The most common form of software spawned from bitcoin's source code are alternative de-centralized currencies, or _alt-coins_, which use the same basic building blocks to implement digital currencies. -There are a number of protocol layers implemented on top of bitcoin's blockchain. These _meta-coins_, _meta-chains_, or _blockchain apps_ use the blockchain as an application platform or extend the bitcoin protocol by adding protocol layers. Examples include Colored Coins, Mastercoin and Counterparty. +There are a number of protocol layers implemented on top of bitcoin's blockchain. These _meta-coins_, _meta-chains_, or _blockchain apps_ use the blockchain as an application platform or extend the bitcoin protocol by adding protocol layers. Examples include Colored Coins, Mastercoin, and Counterparty. In the next section we will examine a few notable alt-coins, such as Litecoin, Dogecoin, Freicoin, Primecoin, Peercoin, Darkcoin, and Zerocoin. These alt-coins are notable for historical reasons or because they are good examples for a specific type of alt-coin innovation, not because they are the most valuable or "best" alt-coins. -In addition to the alt-coins, there are also a number of alternative blockchain implementations that are not really "coins", which I call _alt-chains_. These alt-chains implement a consensus algorithm and distributed ledger as a platform for contracts, name registration or other applications. Alt-chains use the same basic building blocks and sometimes also use a currency or token as a payment mechanism, but their primary purpose is not currency. We will look at Namecoin, Ethereum and NXT as examples of alt-chains. 
+In addition to the alt-coins, there are also a number of alternative blockchain implementations that are not really "coins", which I call _alt-chains_. These alt-chains implement a consensus algorithm and distributed ledger as a platform for contracts, name registration, or other applications. Alt-chains use the same basic building blocks and sometimes also use a currency or token as a payment mechanism, but their primary purpose is not currency. We will look at Namecoin, Ethereum, and NXT as examples of alt-chains. In addition to the Proof-of-Work consensus mechanism used in bitcoin, alternatives include experimental protocols based on Proof-of-Resource and Proof-of-Publishing. We will examine Maidsafe and Twister as examples of these consensus mechanisms. 
@@ -31,7 +31,7 @@ Meta-coins and meta-chains are software layers implemented on top of bitcoin, ei Colored Coins is a meta-protocol that overlays information on small amounts of bitcoin. A "colored" coin is an amount of bitcoin repurposed to express another asset. Imagine for example taking a $1 USD note and putting a stamp on it that said "This is a 1 share certificate of Acme Inc.". Now the $1 serves two purposes: it is a currency note and also a share certificate. Because it is more valuable as a share, you would not want to use it to buy candy, so effectively it is no longer useful as currency. Colored coins work in a same way by converting a specific, very small, amount of bitcoin into a traded certificate that represents another asset. The term "color" refers to the idea of giving special meaning through the addition of an attribute such as a color - it is a metaphor not an actual color association. There are no colors in colored coins. -Colored coins are managed by specialized "wallets" that record and interpret the metadata attached to the "colored" bitcoins. Using such a wallet, the user will convert an amount of bitcoins from uncolored currency, into colored coins, by adding a label that has a special meaning. For example, a label could represent stock certificates, coupons, real property, commodities, collectible tokens etc. It is entirely up to the users of colored coins to assign and interpret the meaning of the "color" associated with specific coins. To color the coins, the user defines the associated metadata, such as the type of issuance, whether it can be subdivided into smaller units, a symbol and description and other related information. Once colored, these coins can be bought and sold, subdivided, aggregated and receive dividend payments. The colored coins can also be "uncolored" to remove the special association and redeem them for their face-value in bitcoin. 
+Colored coins are managed by specialized "wallets" that record and interpret the metadata attached to the "colored" bitcoins. Using such a wallet, the user will convert an amount of bitcoins from uncolored currency, into colored coins, by adding a label that has a special meaning. For example, a label could represent stock certificates, coupons, real property, commodities, collectible tokens, etc. It is entirely up to the users of colored coins to assign and interpret the meaning of the "color" associated with specific coins. To color the coins, the user defines the associated metadata, such as the type of issuance, whether it can be subdivided into smaller units, a symbol and description, and other related information. Once colored, these coins can be bought and sold, subdivided, aggregated and receive dividend payments. The colored coins can also be "uncolored" to remove the special association and redeem them for their face-value in bitcoin. To demonstrate the use of colored coins, we have created a set of 20 colored coins with symbol "MasterBTC" that represent coupons for a free copy of this book. Each unit of MasterBTC is represented by these colored coins can now be sold or given to any bitcoin user with a colored-coin-capable wallet, who can then transfer them to others or redeem them with the issuer for a free copy of the book. This example of colored coins can be seen here: https://cpr.sm/FoykwrH6UY 
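Review bot: the serial comma this patch adds elsewhere is missing in the same replaced line: "bought and sold, subdivided, aggregated and receive dividend payments" should read "subdivided, aggregated, and receive dividend payments" for consistency with the "+" lines in the other hunks. While touching this paragraph, the context line "Each unit of MasterBTC is represented by these colored coins can now be sold or given to any bitcoin user" is a broken sentence (two clauses fused) and is worth fixing in the same copyedit pass.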
@@ -61,13 +61,13 @@ To demonstrate the use of colored coins, we have created a set of 20 colored coi ==== Mastercoin -Mastercoin is a protocol layer on top of bitcoin that supports a platform for various applications extending the bitcoin system. Mastercoin uses the currency MST as a token for conducting Mastercoin transactions but it is not primarily a currency. Rather it is a platform for building other things, such as user currencies, smart property tokens, de-centralized asset exchanges, contracts etc. Think of Mastercoin as an application-layer protocol on top of bitcoin's financial transaction transport-layer, just like HTTP runs on top of TCP. +Mastercoin is a protocol layer on top of bitcoin that supports a platform for various applications extending the bitcoin system. Mastercoin uses the currency MST as a token for conducting Mastercoin transactions but it is not primarily a currency. Rather it is a platform for building other things, such as user currencies, smart property tokens, de-centralized asset exchanges, contracts, etc. Think of Mastercoin as an application-layer protocol on top of bitcoin's financial transaction transport-layer, just like HTTP runs on top of TCP. Mastercoin operates primarily through transactions sent to and from a special bitcoin address called the "exodus" address (+1EXoDusjGwvnjZUyKkxZ4UHEf77z6A5S4P+), just like HTTP uses a specific TCP port (port 80) to differentiate its traffic from the rest of the TCP traffic. The Mastercoin protocol is gradually transitioning from using the specialized exodus address and multi-signatures to using the OP_RETURN bitcoin operator to encode transaction metadata. ==== Counterparty -Counterparty is another protocol layer implemented on top of bitcoin. Counterparty enables user currencies, tradable tokens, financial instruments, de-centralized asset exchanges and other features. 
Counterparty is implemented primarily using the OP_RETURN operator in bitcoin's scripting language to record metadata enhancing bitcoin transactions with additional meaning. Counterparty uses the currency XCP as a token for conducting Counterparty transactions. +Counterparty is another protocol layer implemented on top of bitcoin. Counterparty enables user currencies, tradable tokens, financial instruments, de-centralized asset exchanges, and other features. Counterparty is implemented primarily using the OP_RETURN operator in bitcoin's scripting language to record metadata enhancing bitcoin transactions with additional meaning. Counterparty uses the currency XCP as a token for conducting Counterparty transactions. === Alt-coins From 7c5bacd3033d5f28c4036cde5ee5de70a8b62948 Mon Sep 17 00:00:00 2001 From: "Minh T. Nguyen" Date: Tue, 19 Aug 2014 18:43:29 -0700 Subject: [PATCH 04/37] Minor copyediting following merge from issue #109 --- preface.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/preface.asciidoc b/preface.asciidoc index 5e5ec4dd..c0741383 100644 --- a/preface.asciidoc +++ b/preface.asciidoc @@ -115,7 +115,7 @@ address (sometimes mistakenly referred to as a public key):: ((("bitcoin address"))) ((("address", see="bitcoin address"))) ((("public key", see="bitcoin address"))) - A bitcoin address is derived from a public key, and looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+. Most addresses begin with a one, excepting multisignature addresses, which begin with a three. You can have as many as you like, share them so people can send you coins. + A bitcoin address is derived from a public key and looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+. Most addresses begin with a one, except multisignature addresses which begin with a three. You can have as many addresses as you like and share them so people can send you coins. bitcoin:: ((("bitcoin"))) From a39956d520b009219e12e5c0db6ffb8b535ca2fa Mon Sep 17 00:00:00 2001 
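Review bot: the copyedit in PATCH 04 drops a needed comma: "except multisignature addresses which begin with a three" is a non-restrictive clause and should read "except multisignature addresses, which begin with a three". The line also keeps the claim that three-prefixed addresses are multisignature addresses; they are pay-to-script-hash addresses, of which multisignature is one use, so "addresses beginning with a three, typically multisignature," would be accurate.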
From: "Minh T. Nguyen" Date: Tue, 19 Aug 2014 18:54:51 -0700 Subject: [PATCH 05/37] Reverting changes from Issue #109 back to its original --- preface.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/preface.asciidoc b/preface.asciidoc index c0741383..92455bbc 100644 --- a/preface.asciidoc +++ b/preface.asciidoc @@ -111,11 +111,11 @@ Watch us on YouTube: link:$$http://www.youtube.com/oreillymedia$$[] This quick glossary contains many of the terms used in relation to bitcoin. These terms are used throughout the book, so bookmark this for a quick reference and clarification. -address (sometimes mistakenly referred to as a public key):: +address (aka public key):: ((("bitcoin address"))) ((("address", see="bitcoin address"))) ((("public key", see="bitcoin address"))) - A bitcoin address is derived from a public key and looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+. Most addresses begin with a one, except multisignature addresses which begin with a three. You can have as many addresses as you like and share them so people can send you coins. + A bitcoin address looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+, they always start with a one. You can have as many as you like, share them so people can send you coins. bitcoin:: ((("bitcoin"))) From 0bf544abae4b015289e413821a177aadaf04d80d Mon Sep 17 00:00:00 2001 From: Michalis Kargakis Date: Wed, 20 Aug 2014 14:54:29 +0300 Subject: [PATCH 06/37] Another missing comma --- ch02.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch02.asciidoc b/ch02.asciidoc index e82b6113..64c4193d 100644 --- a/ch02.asciidoc +++ b/ch02.asciidoc 
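Review bot: this revert reinstates two statements the series had just corrected, "address (aka public key)" and "they always start with a one", and the commit message gives no reason beyond "back to its original". A revert of a factual fix should say why (for example, pending discussion in issue #109), otherwise the glossary again equates an address with a public key while the index entry ((("public key", see="bitcoin address"))) and ch09's mention of multi-signature addresses in this same series point the other way.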
@@ -1,7 +1,7 @@ [[ch02_bitcoin_overview]] == How Bitcoin Works -=== Transactions, Blocks, Mining and the Blockchain +=== Transactions, Blocks, Mining, and the Blockchain The bitcoin system, unlike traditional banking and payment systems, is based on de-centralized trust. Instead of a central trusted authority, in bitcoin, trust is achieved as an emergent property from the interactions of different participants in the bitcoin system. In this chapter we will examine bitcoin from a high-level by tracking a single transaction through the bitcoin system and watch as it becomes "trusted" and accepted by the bitcoin mechanism of distributed consensus and is finally recorded on the blockchain, the distributed ledger of all transactions. From 77ccfb08b1cf8cf1ef2364b4f4a2d83836eef059 Mon Sep 17 00:00:00 2001 From: "Minh T. Nguyen" Date: Wed, 20 Aug 2014 08:21:43 -0700 Subject: [PATCH 07/37] Updating GitHub contributors --- preface.asciidoc | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/preface.asciidoc b/preface.asciidoc index 92455bbc..2b3cd840 100644 --- a/preface.asciidoc +++ b/preface.asciidoc 
@@ -198,16 +198,25 @@ Many contributors offered comments, corrections and additions to the early-relea ===== (Name - Github ID) -* *Minh T. Nguyen - enderminh: Github contribution editor* -* Erik Wahlström - erikwam -* Eric Winchell - winchell +* *Minh T. Nguyen - enderminh: Github contribution editor* +* Ed Eykholt - edeykholt +* Michalis Kargakis - kargakis +* Erik Wahlström - erikwam * Richard Kiss - richardkiss +* Eric Winchell - winchell * Sergej Kotliar - ziggamon -* Nagaraj Hubli - nagarajhubli -* Michalis Kargakis - kargakis -* Ish Ot Jr. - ishotjr +* Nagaraj Hubli - nagarajhubli +* ethers * Alex Waters - alexwaters -* Mihail Russu - MihailRussu +* Mihail Russu - MihailRussu +* Ish Ot Jr. - ishotjr * James Addison - jayaddison -* Joe Bauers - joebauers -* Stephan Oeste - Emzy +* Nekomata - nekomata-3 +* Simon de la Rouviere - simondlr +* Chapman Shoop - belovachap +* Holger Schinzel - schinzelh +* effectsToCause - vericoin +* Stephan Oeste - Emzy +* Joe Bauers - joebauers +* Jason Bisterfeldt - jbisterfeldt +* Ed Leafe - EdLeafe From 25af5c23bd296eae47feaa195abc6fee38deef83 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Fri, 22 Aug 2014 16:14:14 +0800 Subject: [PATCH 08/37] Update preface.asciidoc bitcoin address clearer explanation --- preface.asciidoc | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/preface.asciidoc b/preface.asciidoc index 2b3cd840..1fddda84 100644 --- a/preface.asciidoc +++ b/preface.asciidoc 
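Review bot: most of this hunk is whitespace churn rather than content: lines such as "-* Erik Wahlström - erikwam" and "+* Erik Wahlström - erikwam" are textually identical, which points to trailing whitespace or line-ending changes. Suggest committing the genuine additions (Ed Eykholt, ethers, Nekomata, Simon de la Rouviere, Chapman Shoop, Holger Schinzel, effectsToCause, Jason Bisterfeldt, Ed Leafe) on their own and normalizing whitespace in a separate commit so the contributor history stays reviewable. Also "+* ethers" has no display name, unlike every other entry in the "(Name - Github ID)" list.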
@@ -115,7 +115,7 @@ address (aka public key):: ((("bitcoin address"))) ((("address", see="bitcoin address"))) ((("public key", see="bitcoin address"))) - A bitcoin address looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+, they always start with a one. You can have as many as you like, share them so people can send you coins. + A bitcoin address looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+, they always start with a one. Just like you ask others to send an email to your email address, you would ask others to send you bitcoin to your bitcoin address. bitcoin:: ((("bitcoin"))) @@ -198,25 +198,25 @@ Many contributors offered comments, corrections and additions to the early-relea ===== (Name - Github ID) -* *Minh T. Nguyen - enderminh: Github contribution editor* -* Ed Eykholt - edeykholt +* *Minh T. Nguyen - enderminh: Github contribution editor* +* Ed Eykholt - edeykholt * Michalis Kargakis - kargakis -* Erik Wahlström - erikwam +* Erik Wahlström - erikwam * Richard Kiss - richardkiss * Eric Winchell - winchell * Sergej Kotliar - ziggamon -* Nagaraj Hubli - nagarajhubli -* ethers +* Nagaraj Hubli - nagarajhubli +* ethers * Alex Waters - alexwaters -* Mihail Russu - MihailRussu +* Mihail Russu - MihailRussu * Ish Ot Jr. - ishotjr * James Addison - jayaddison -* Nekomata - nekomata-3 -* Simon de la Rouviere - simondlr -* Chapman Shoop - belovachap -* Holger Schinzel - schinzelh +* Nekomata - nekomata-3 +* Simon de la Rouviere - simondlr +* Chapman Shoop - belovachap +* Holger Schinzel - schinzelh * effectsToCause - vericoin -* Stephan Oeste - Emzy -* Joe Bauers - joebauers -* Jason Bisterfeldt - jbisterfeldt +* Stephan Oeste - Emzy +* Joe Bauers - joebauers +* Jason Bisterfeldt - jbisterfeldt * Ed Leafe - EdLeafe From e8f4ab417aed7c60e9eb844b64d70c2a3dd00a9c Mon Sep 17 00:00:00 2001 
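Review bot: the first hunk's new line keeps "they always start with a one", which PATCH 01 in this same series showed to be inaccurate (addresses beginning with a three exist); the email analogy is a good addition, but the sentence before it should be corrected rather than carried forward. The second hunk in this commit (the contributors list) removes and re-adds identical lines, for example "-* Ed Eykholt - edeykholt" and "+* Ed Eykholt - edeykholt", so it is a whitespace-only change unrelated to the commit's stated purpose "bitcoin address clearer explanation" and should be split out.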
From: Lornestar Date: Fri, 22 Aug 2014 16:24:20 +0800 Subject: [PATCH 09/37] Update preface.asciidoc I think it's better to explain the value and usage of a fee, instead of a more technical definition that identifies how it works. It is possible for a transaction to be processed without a fee. --- preface.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/preface.asciidoc b/preface.asciidoc index 1fddda84..d07a6ca6 100644 --- a/preface.asciidoc +++ b/preface.asciidoc @@ -147,7 +147,7 @@ difficulty re-targeting:: fees:: ((("fees"))) - An excess amount included in each transaction as a network fee or additional reward to the miner who finds the proof-of-work for the new block. Currently 0.5 mBTC minimum. + The sender of a transaction often includes a fee to the network for processing their requested transaction. Most transactions require a minimum fee of 0.5mBTC. hash:: ((("hash"))) From fb2fe84c862e6a02907e98e7ffe3bffd8a3dd57a Mon Sep 17 00:00:00 2001 From: Lornestar Date: Fri, 22 Aug 2014 16:42:00 +0800 Subject: [PATCH 10/37] Update preface.asciidoc Maintain consistency. If you're gonna show an example bitcoin address, should show an example private key. It also helps to understand it further when you can see an example. --- preface.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/preface.asciidoc b/preface.asciidoc index d07a6ca6..be8ed91d 100644 --- a/preface.asciidoc +++ b/preface.asciidoc @@ -176,7 +176,7 @@ reward:: secret key (aka private key):: ((("secret key"))) ((("private key", see="secret key"))) - The secret number that unlocks bitcoins sent to the corresponding address. + The secret number that unlocks bitcoins sent to the corresponding address. A secret key looks like +5J76sF8L5jTtzE96r66Sf8cka9y44wdpJjMwCxR3tzLh3ibVPxh+ transaction:: ((("transaction"))) From 97f37419f559a51ef9caf9e7e3afa247747764b5 Mon Sep 17 00:00:00 2001 
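Review bot: the replacement fee definition contradicts itself and loses the security-relevant point. "The sender of a transaction often includes a fee" followed by "Most transactions require a minimum fee of 0.5mBTC" says both that fees are optional and that they are required, and the commit message's own observation, that a transaction can be processed without a fee, is not stated in the text. The removed line explained that the fee is a reward to the miner who finds the proof-of-work for the block; that incentive is why miners include transactions and should stay in the definition. Also restore the space in "0.5 mBTC" to match the removed line.

Review bot: PATCH 10 prints a private key in the glossary, "+5J76sF8L5jTtzE96r66Sf8cka9y44wdpJjMwCxR3tzLh3ibVPxh+", without any note that it is an example only. Anyone who imports a published key controls whatever is sent to its address, so the line should say explicitly that the key is a throwaway example never to be used and is unrelated to the example address shown above. The added sentence is also missing its terminating full stop.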
From: Lornestar Date: Fri, 22 Aug 2014 16:55:14 +0800 Subject: [PATCH 11/37] Update preface.asciidoc A clearer explanation of the value a wallet brings to a user --- preface.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/preface.asciidoc b/preface.asciidoc index be8ed91d..1666c07b 100644 --- a/preface.asciidoc +++ b/preface.asciidoc @@ -184,7 +184,7 @@ transaction:: wallet:: ((("wallet"))) - Software that holds all your addresses. Use it to send bitcoin and manage your keys. + Software that holds all your bitcoin addresses and secret keys. Use it to send, receive and store your bitcoin. ++++ From 4079a650cd2553cecfc516c1f9dbe0919ef9fd10 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Fri, 22 Aug 2014 17:02:02 +0800 Subject: [PATCH 12/37] Update ch01.asciidoc As I read through the history of Bitcoin section I kept asking when are you going to get to the part about Bitcoin. I think half of that section is really events leading up to Bitcoin, as well Bitcoin didn't have any history until it was invented. --- ch01.asciidoc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ch01.asciidoc b/ch01.asciidoc index f8e0ee5b..3fab0164 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc 
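Review bot: the new wallet definition says the software is used to "store your bitcoin" in the same breath as saying it "holds all your bitcoin addresses and secret keys". The second statement is the accurate one: the wallet stores keys, while the bitcoin themselves are entries on the blockchain, the distributed ledger of all transactions, as the ch02 hunk earlier in this series puts it. Suggest "Use it to send and receive bitcoin and to keep your keys safe." The series-comma style adopted in PATCH 02 and PATCH 03 would also make it "send, receive, and store".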
@@ -17,7 +17,7 @@ Behind the scenes, bitcoin is also the name of the protocol, a network and a dis In this chapter we'll get started by explaining some of the main concepts and terms, getting the necessary software and using bitcoin for simple transactions. In following chapters we'll start unwrapping the layers of technology that make bitcoin possible and examine the inner workings of the bitcoin network and protocol. -=== History of Bitcoin +=== Before Bitcoin? The emergence of viable digital money is closely linked to developments in cryptography. This is not surprising when one considers the fundamental challenges involved with using bits to represent value that can be exchanged for goods and services. Two fundamental questions for anyone accepting digital money are: 
@@ -36,7 +36,9 @@ Bitcoin represents the culmination of decades of research in cryptography and di * A public transaction ledger (the blockchain); * A de-centralized mathematical and deterministic currency issuance (distributed mining), and; * A de-centralized transaction verification system (transaction script). - + +=== What is Bitcoin? + Bitcoin was invented in 2008 by Satoshi Nakamoto with the publication of a paper titled "Bitcoin: A Peer-to-Peer Electronic Cash System". Satoshi Nakamoto combined several prior inventions such as b-money and HashCash to create a completely de-centralized electronic cash system that does not rely on a central authority for currency issuance or settlement and validation of transactions. The key innovation was to use a Proof-Of-Work algorithm to conduct a global "election" every 10 minutes, allowing the de-centralized network to arrive at _consensus_ about the state of transactions. This elegantly solves the issue of double-spend where a single currency unit can be spent twice. Previously, the double-spend problem was a weakness of digital currency and was addressed by clearing all transactions through a central clearinghouse. The bitcoin network started in 2009, based on a reference implementation published by Nakamoto and since revised by many other programmers. During the first four years of operation, the network has grown to include an enormous amount of Proof-Of-Work computation, thereby increasing its security and resilience. In 2013, the total market value of bitcoin's primary monetary supply measure (M0) is estimated at more than 10 billion US dollars. The largest transaction processed by the network was $150 million US dollars, transmitted instantly and processed without any fees. From 2b8040e4b0e6db20fd8578c3063180df8b315c40 Mon Sep 17 00:00:00 2001 
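Review bot: the inserted heading "=== What is Bitcoin?" sits above a paragraph that is still history (invention in 2008, network start in 2009), so the split does not match the content; the previous hunk's rename to "=== Before Bitcoin?" also carries a question mark that turns a section title into a question. Suggest "=== Before Bitcoin" and "=== History of Bitcoin" (the latter is what PATCH 13 in this series moves toward). Renaming section titles in AsciiDoc can also change auto-generated anchors, so check any cross references to this section.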
From: Lornestar Date: Fri, 22 Aug 2014 17:35:03 +0800 Subject: [PATCH 13/37] Update ch01.asciidoc accidentally put What is Bitcoin, for History of Bitcoin --- ch01.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch01.asciidoc b/ch01.asciidoc index 3fab0164..b6639f6c 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc @@ -37,7 +37,7 @@ Bitcoin represents the culmination of decades of research in cryptography and di * A de-centralized mathematical and deterministic currency issuance (distributed mining), and; * A de-centralized transaction verification system (transaction script). -=== What is Bitcoin? +=== History of Bitcoin? Bitcoin was invented in 2008 by Satoshi Nakamoto with the publication of a paper titled "Bitcoin: A Peer-to-Peer Electronic Cash System". Satoshi Nakamoto combined several prior inventions such as b-money and HashCash to create a completely de-centralized electronic cash system that does not rely on a central authority for currency issuance or settlement and validation of transactions. The key innovation was to use a Proof-Of-Work algorithm to conduct a global "election" every 10 minutes, allowing the de-centralized network to arrive at _consensus_ about the state of transactions. This elegantly solves the issue of double-spend where a single currency unit can be spent twice. Previously, the double-spend problem was a weakness of digital currency and was addressed by clearing all transactions through a central clearinghouse. From 68fe6a3d29e8a86d22a814ad885c0960d1b0a71d Mon Sep 17 00:00:00 2001 From: Lornestar Date: Fri, 22 Aug 2014 17:38:58 +0800 Subject: [PATCH 14/37] Update ch01.asciidoc Identifying the potential pains that Bitcoin can solve, quantifying how big of an impact the innovation can really have. This should hopefully get the reader excited about the possible power their code can have, and encourage them even more to learn more about Bitcoin. --- ch01.asciidoc | 10 ++++++++++ 1 file changed, 10 insertions(+) 
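Review bot: the corrected heading still carries the stray question mark: "+=== History of Bitcoin?" should be "=== History of Bitcoin". Since this commit exists only to undo a mistake in PATCH 12, the two should be squashed so the history shows one rename.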
diff --git a/ch01.asciidoc b/ch01.asciidoc index b6639f6c..759858d7 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc @@ -45,6 +45,16 @@ The bitcoin network started in 2009, based on a reference implementation publish Satoshi Nakamoto withdrew from the public in April of 2011, leaving the responsibility of developing the code and network to a thriving group of volunteers. The name Satoshi Nakamoto is an alias and the identity of the person or people behind this invention is currently unknown. However, neither Satoshi Nakamoto nor anyone else exerts control over the bitcoin system, which operates based on fully transparent mathematical principles. The invention itself is groundbreaking and has already spawned new science in the fields of distributed computing, economics and econometrics. +Bitcoin has the potential to fix many financial and economic problems that exist today due to flawed centralized systems. Some examples are: +* Hyperinflation that has severly hurt the economies of countries like Argentinian and Zimbabwe. +* 2.5 Billion unbanked around the world who do not benefit from the financial services most do in the developed world. +* Merchants getting charged 2-4% per transaction when accepting credit cards. +* Bank accounts getting frozen, or funds seized from accounts for various reasons. +* People sending money back home and getting charged remittance fees that can range from 2-20%. +* Lack of transparency when performing a wire transfer. +* World travelers getting charged exchange rate fees when using credit cards in foreign countries. +* Citizens of Cyprus having bank accounts frozen for two weeks to secure a Eurozone bailout. + .A Solution To a Distributed Computing Problem **** From d3d95954e5907aee0ffe7186396ed0088278256e Mon Sep 17 00:00:00 2001 
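Review bot: typos in the added list: "severly" should be "severely", "countries like Argentinian and Zimbabwe" should name the country, "Argentina", and "2.5 Billion unbanked" should be "2.5 billion". The figures given (2-4% card fees, 2-20% remittance fees, 2.5 billion unbanked, the two-week Cyprus freeze) are specific factual claims and need a source or footnote, since the book is being used as a reference. The list also presents these as problems bitcoin "has the potential to fix" without saying how, which reads as advocacy rather than the technical framing used elsewhere in the chapter; a sentence tying each to a property of the system (no central issuer, no chargebacks, and so on) would keep the register.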
From: Lornestar Date: Fri, 22 Aug 2014 18:10:53 +0800 Subject: [PATCH 15/37] Update ch01.asciidoc I took the Coinbase description from their own about page. They are not an exchange, since you do not exchange bitcoin with other users, you buy and sell it directly with Coinbase. The big value they bring is making it easy to use bitcoin. --- ch01.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch01.asciidoc b/ch01.asciidoc index 759858d7..e43c1f07 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc 
@@ -147,7 +147,7 @@ Alice is now ready to start using her new bitcoin web-wallet. It is not possible to buy bitcoins at a bank or foreign exchange kiosks at this time. It is not possible to use a credit card to buy bitcoins, either. As of 2014, it is still quite difficult to acquire bitcoins in most countries. There are a number of specialized currency exchanges where you can buy and sell bitcoin in exchange for a local currency. These operate as web-based currency markets and include: * Bitstamp (bitstamp.net), a European currency market that supports several currencies including euros (EUR) and US dollars (USD) via wire transfer -* Coinbase (coinbase.com), a US-based currency market in California that supports US dollar exchange to and from bitcoin. Coinbase can connect to US checking accounts via the ACH system. +* Coinbase (coinbase.com), a US-based bitcoin wallet and platform where merchants and consumers can transact in bitcoin. Coinbase makes it easy to buy and sell bitcoin, allowing users to connect to US checking accounts via the ACH system. Crypto-currency exchanges such as these operate at the intersection of national currencies and crypto-currencies. As such, they are subject to national and international regulations and are often specific to a single country or economic area and specialize in the national currencies of that area. Your choice of currency exchange will be specific to the national currency you use and limited to the exchanges that operate within the legal jurisdiction of your country. Similar to opening a bank account, it takes several days or weeks to set up the necessary accounts with the above services because they require various forms of identification to comply with KYC (Know Your Customer) and AML (Anti-Money Laundering) banking regulations. Once you have an account on a bitcoin exchange, you can then buy or sell bitcoins quickly just as you could with foreign currency with a brokerage account. 
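Review bot: the replaced item is now inconsistent with its own list. The intro line "There are a number of specialized currency exchanges where you can buy and sell bitcoin ... include:" and the trailing context "Crypto-currency exchanges such as these operate at the intersection of national currencies and crypto-currencies" both describe exchanges, while the commit message argues Coinbase is not one; either adjust the intro and follow-up text or keep the item described as a market. The commit message also says the text was taken from Coinbase's own about page; verbatim vendor copy ("makes it easy to buy and sell bitcoin") reads as promotional and may raise a licensing question, so paraphrase in the book's voice.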
From 78b5d4f868b6cd5ff2fca5835d4af2160c16ea0e Mon Sep 17 00:00:00 2001 From: Lornestar Date: Fri, 22 Aug 2014 18:13:38 +0800 Subject: [PATCH 16/37] Update ch01.asciidoc Using a bitcoin ATM is another method of getting bitcoins. --- ch01.asciidoc | 1 + 1 file changed, 1 insertion(+) diff --git a/ch01.asciidoc b/ch01.asciidoc index e43c1f07..f6b450b0 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc @@ -158,6 +158,7 @@ There are three other methods for getting bitcoins as a new user: * Find a friend who has bitcoins and buy some from them directly. Many bitcoin users started this way. * Use a classified service like localbitcoins.com to find a seller in your area to buy bitcoins for cash in an in-person transaction. * Sell a product or service for bitcoin. If you're a programmer, sell your programming skills. If you have an online store, see <> to sell in bitcoin. +* Use a bitcoin ATM in your city. A map of bitcoin ATMs can be found at http://www.coindesk.com/bitcoin-atm-map/ Alice was introduced to bitcoin by a friend and so she has an easy way of getting her first bitcoin while she waits for her account on a California currency market to be verified and activated. From d30a644e32f4ef39c020d4ea8d46379e28428ec4 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Fri, 22 Aug 2014 19:27:06 +0800 Subject: [PATCH 17/37] Update ch01.asciidoc You can buy bitcoin using Purse.IO. However I do not think it's a good idea to add purse.io to ways you can buy bitcoin because there is a chance that at any moment Amazon can shut them down and then the comment will become obsolete. --- ch01.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch01.asciidoc b/ch01.asciidoc index f6b450b0..55bcc0db 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc 
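Review bot: the added ATM bullet makes four items under a lead-in that still reads "There are three other methods for getting bitcoins as a new user:", so the count must change to "four" (or "several"). The bullet is also the only one in the list carrying a bare deep URL; the other entries name a service (localbitcoins.com) rather than a page. A map page is exactly the kind of link that goes stale, which is the obsolescence concern the very next commit message on this page raises for purse.io, so consider naming the directory in prose and keeping the URL where it can be updated.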
@@ -144,7 +144,7 @@ Alice is now ready to start using her new bitcoin web-wallet. [[getting_first_bitcoin]] ==== Getting your first bitcoins -It is not possible to buy bitcoins at a bank or foreign exchange kiosks at this time. It is not possible to use a credit card to buy bitcoins, either. As of 2014, it is still quite difficult to acquire bitcoins in most countries. There are a number of specialized currency exchanges where you can buy and sell bitcoin in exchange for a local currency. These operate as web-based currency markets and include: +It is not possible to buy bitcoins at a bank or foreign exchange kiosks at this time. As of 2014, it is still quite difficult to acquire bitcoins in most countries. There are a number of specialized currency exchanges where you can buy and sell bitcoin in exchange for a local currency. These operate as web-based currency markets and include: * Bitstamp (bitstamp.net), a European currency market that supports several currencies including euros (EUR) and US dollars (USD) via wire transfer * Coinbase (coinbase.com), a US-based bitcoin wallet and platform where merchants and consumers can transact in bitcoin. Coinbase makes it easy to buy and sell bitcoin, allowing users to connect to US checking accounts via the ACH system. From 0149c111e0b720aa46518ff010795e32abf9f28f Mon Sep 17 00:00:00 2001 From: Lornestar Date: Fri, 22 Aug 2014 19:32:13 +0800 Subject: [PATCH 18/37] Update ch01.asciidoc I personally use bitcoinwisdom all the time to watch/analyze prices over the exchanges --- ch01.asciidoc | 1 + 1 file changed, 1 insertion(+) diff --git a/ch01.asciidoc b/ch01.asciidoc index 55bcc0db..bad317ea 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc 
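Review bot: the hunk deletes "It is not possible to use a credit card to buy bitcoins, either." but the commit message only explains why purse.io was not added, not why the credit-card statement is wrong; if the point is that card purchases are now possible through some intermediaries, say so with the same "As of 2014" qualifier the paragraph already uses rather than silently dropping the claim, otherwise the reader is left with no guidance on card purchases at all. The surviving first sentence also mixes number: "at a bank or foreign exchange kiosks" should be "at a bank or at a foreign exchange kiosk".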
@@ -173,6 +173,7 @@ First, Joe has to figure out the exchange rate so that he can give the correct a * bitcoincharts.com, a market data listing service that shows the market rate of bitcoin across many exchanges around the globe, denominated in different local currencies * bitcoinaverage.com, a site that provides a simple view of the volume-weighted-average for each currency * ZeroBlock, a free Android and iOS application that can display a bitcoin price from different exchanges +* bitcoinwisdom.com, another market data listing service [[zeroblock-android]] .ZeroBlock - A bitcoin market-rate application for Android and iOS From 7586d4550fb16209887420a58478e780fa594b3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erik=20Wahlstr=C3=B6m?= Date: Fri, 22 Aug 2014 20:32:23 +0200 Subject: [PATCH 19/37] Update ch09.asciidoc Minor changes/typos --- ch09.asciidoc | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ch09.asciidoc b/ch09.asciidoc index efc37147..4864993e 100644 --- a/ch09.asciidoc +++ b/ch09.asciidoc 
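Review bot: the new bitcoinwisdom.com bullet says only "another market data listing service", which does not distinguish it from the bitcoincharts.com entry two lines above; every sibling bullet states what the service shows (multi-exchange rates in local currencies, the volume-weighted average, a mobile app). The commit message already has the detail ("watch/analyze prices over the exchanges"), so suggest "bitcoinwisdom.com, a market data service for watching and analyzing bitcoin prices across exchanges".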
@@ -29,11 +29,11 @@ Meta-coins and meta-chains are software layers implemented on top of bitcoin, ei ==== Colored Coins -Colored Coins is a meta-protocol that overlays information on small amounts of bitcoin. A "colored" coin is an amount of bitcoin repurposed to express another asset. Imagine for example taking a $1 USD note and putting a stamp on it that said "This is a 1 share certificate of Acme Inc.". Now the $1 serves two purposes: it is a currency note and also a share certificate. Because it is more valuable as a share, you would not want to use it to buy candy, so effectively it is no longer useful as currency. Colored coins work in a same way by converting a specific, very small, amount of bitcoin into a traded certificate that represents another asset. The term "color" refers to the idea of giving special meaning through the addition of an attribute such as a color - it is a metaphor not an actual color association. There are no colors in colored coins. +Colored Coins is a meta-protocol that overlays information on small amounts of bitcoin. A "colored" coin is an amount of bitcoin repurposed to express another asset. Imagine for example taking a $1 USD note and putting a stamp on it that said "This is a 1 share certificate of Acme Inc.". Now the $1 serves two purposes: it is a currency note and also a share certificate. Because it is more valuable as a share, you would not want to use it to buy candy, so effectively it is no longer useful as currency. Colored coins work in the same way by converting a specific, very small, amount of bitcoin into a traded certificate that represents another asset. The term "color" refers to the idea of giving special meaning through the addition of an attribute such as a color - it is a metaphor not an actual color association. There are no colors in colored coins. -Colored coins are managed by specialized "wallets" that record and interpret the metadata attached to the "colored" bitcoins. 
Using such a wallet, the user will convert an amount of bitcoins from uncolored currency, into colored coins, by adding a label that has a special meaning. For example, a label could represent stock certificates, coupons, real property, commodities, collectible tokens, etc. It is entirely up to the users of colored coins to assign and interpret the meaning of the "color" associated with specific coins. To color the coins, the user defines the associated metadata, such as the type of issuance, whether it can be subdivided into smaller units, a symbol and description, and other related information. Once colored, these coins can be bought and sold, subdivided, aggregated and receive dividend payments. The colored coins can also be "uncolored" to remove the special association and redeem them for their face-value in bitcoin. +Colored coins are managed by specialized "wallets" that record and interpret the metadata attached to the "colored" bitcoins. Using such a wallet, the user will convert an amount of bitcoins from uncolored currency, into colored coins, by adding a label that has a special meaning. For example, a label could represent stock certificates, coupons, real property, commodities, collectible tokens, etc. It is entirely up to the users of colored coins to assign and interpret the meaning of the "color" associated with specific coins. To color the coins, the user defines the associated metadata, such as the type of issuance, whether it can be subdivided into smaller units, a symbol and description, and other related information. Once colored, these coins can be bought and sold, subdivided, aggregated and receive dividend payments. The colored coins can also be "uncolored" by removing the special association and redeem them for their face-value in bitcoin. -To demonstrate the use of colored coins, we have created a set of 20 colored coins with symbol "MasterBTC" that represent coupons for a free copy of this book. 
Each unit of MasterBTC is represented by these colored coins can now be sold or given to any bitcoin user with a colored-coin-capable wallet, who can then transfer them to others or redeem them with the issuer for a free copy of the book. This example of colored coins can be seen here: https://cpr.sm/FoykwrH6UY +To demonstrate the use of colored coins, we have created a set of 20 colored coins with symbol "MasterBTC" that represent coupons for a free copy of this book. Each unit of MasterBTC, represented by these colored coins can now be sold or given to any bitcoin user with a colored-coin-capable wallet, who can then transfer them to others or redeem them with the issuer for a free copy of the book. This example of colored coins can be seen here: https://cpr.sm/FoykwrH6UY .The metadata profile of the colored coins recorded as a coupon for a free copy of the book ==== @@ -119,7 +119,7 @@ Bitcoin has a few monetary parameters that give it distinctive characteristics o *Litecoin* -One of the first alt-coins, released in 2011, Litecoin is the second most successful digital currency after bitcoin. It's primary innovations were the use of _scrypt_ as the Proof-of-Work algorithm (inherited from Tenebrix) and the faster/lighter currency parameters. +One of the first alt-coins, released in 2011, Litecoin is the second most successful digital currency after bitcoin. Its primary innovations were the use of _scrypt_ as the Proof-of-Work algorithm (inherited from Tenebrix) and the faster/lighter currency parameters. * Block generation time: 2.5 minutes * Total currency: 84 million coins by 2140 
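Review bot: in the Colored Coins hunk (first hunk of this patch) the edited sentence "Each unit of MasterBTC, represented by these colored coins can now be sold" opens a parenthetical with a comma and never closes it; add a comma after "coins" or drop the first one. In the preceding changed line, "can also be "uncolored" by removing the special association and redeem them" pairs a gerund with a bare verb; it should read "by removing the special association and redeeming them for their face value in bitcoin". The same line also keeps the stray commas in "convert an amount of bitcoins from uncolored currency, into colored coins, by adding a label"; since this patch is already touching that sentence, drop both.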
@@ -137,7 +137,7 @@ Dogecoin was released in December of 2013, based on a fork of Litecoin. Dogecoin *Freicoin* -Freicoin was introduced in July 2012. It is a _demurrage currency_, meaning that is has a negative interest rate for stored value. Value stored in Freicoin is assessed a 4.5% APR fee, to encourage consumption and discourage hoarding of money. Freicoin is notable in that it implements a monetary policy that is the exact opposite of Bitcoin's deflationary policy. Freicoin has not seen success as a currency, but is an interesting example of the variety of monetary policies that can be expressed by alt-coins. +Freicoin was introduced in July 2012. It is a _demurrage currency_, meaning that it has a negative interest rate for stored value. Value stored in Freicoin is assessed a 4.5% APR fee, to encourage consumption and discourage hoarding of money. Freicoin is notable in that it implements a monetary policy that is the exact opposite of Bitcoin's deflationary policy. Freicoin has not seen success as a currency, but is an interesting example of the variety of monetary policies that can be expressed by alt-coins. * Block generation: 10 minutes * Total currency: 100 million coins by 2140 
@@ -335,7 +335,7 @@ Namecoin registrations need to be updated every 36,000 blocks (approximately 200 ==== Bitmessage -Bitmessage is a bitcoin alt-chain that implements a de-centralized secure messaging service, essentially a server-less encrypted email system. Bitmessage allows users to compose and send message to each other, using a bitmessage address. The messages operate in much the same way as a bitcoin transaction, but they are transient - they do not persist beyond 2 days and if not delivered to the destination node in that time, they are lost. Senders and recipients are pseudonymous, they have no identifiers other than a bitmessage address, but are strongly authenticated, meaning that messages cannot be "spoofed". Bitmessages are encrypted to the recipient and therefore the bitmessage network is resistant to holistic surveillance - an eavesdropper has to compromise the recipient's device in order to intercept messages. +Bitmessage is a bitcoin alt-chain that implements a de-centralized secure messaging service, essentially a server-less encrypted email system. Bitmessage allows users to compose and send messages to each other, using a bitmessage address. The messages operate in much the same way as a bitcoin transaction, but they are transient - they do not persist beyond 2 days and if not delivered to the destination node in that time, they are lost. Senders and recipients are pseudonymous, they have no identifiers other than a bitmessage address, but are strongly authenticated, meaning that messages cannot be "spoofed". Bitmessages are encrypted to the recipient and therefore the bitmessage network is resistant to holistic surveillance - an eavesdropper has to compromise the recipient's device in order to intercept messages. ==== Ethereum From 62262c3cf72df648b66c5adc0258a5d310082558 Mon Sep 17 00:00:00 2001 
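Review bot: in the Bitmessage hunk the plural fix is right, but the sentence "Senders and recipients are pseudonymous, they have no identifiers other than a bitmessage address, but are strongly authenticated, meaning that messages cannot be "spoofed"" is a comma splice and reads as if pseudonymity and authentication were in tension; suggest "Senders and recipients are pseudonymous (they have no identifier other than a bitmessage address) but strongly authenticated: a message cannot be forged as coming from an address whose key the sender does not hold." The closing claim that the network is "resistant to holistic surveillance" because "an eavesdropper has to compromise the recipient's device" follows only for message content; encrypting a message to the recipient says nothing by itself about who is messaging whom, so either narrow it to "surveillance of message content" or state separately what the design does about that metadata.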
From: "Minh T. Nguyen" Date: Fri, 22 Aug 2014 12:09:39 -0700 Subject: [PATCH 20/37] Adding another comma following the changes from Issue #117 --- ch09.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch09.asciidoc b/ch09.asciidoc index 4864993e..9bf9079e 100644 --- a/ch09.asciidoc +++ b/ch09.asciidoc 
@@ -33,7 +33,7 @@ Colored Coins is a meta-protocol that overlays information on small amounts of b Colored coins are managed by specialized "wallets" that record and interpret the metadata attached to the "colored" bitcoins. Using such a wallet, the user will convert an amount of bitcoins from uncolored currency, into colored coins, by adding a label that has a special meaning. For example, a label could represent stock certificates, coupons, real property, commodities, collectible tokens, etc. It is entirely up to the users of colored coins to assign and interpret the meaning of the "color" associated with specific coins. To color the coins, the user defines the associated metadata, such as the type of issuance, whether it can be subdivided into smaller units, a symbol and description, and other related information. Once colored, these coins can be bought and sold, subdivided, aggregated and receive dividend payments. The colored coins can also be "uncolored" by removing the special association and redeem them for their face-value in bitcoin. -To demonstrate the use of colored coins, we have created a set of 20 colored coins with symbol "MasterBTC" that represent coupons for a free copy of this book. Each unit of MasterBTC, represented by these colored coins can now be sold or given to any bitcoin user with a colored-coin-capable wallet, who can then transfer them to others or redeem them with the issuer for a free copy of the book. This example of colored coins can be seen here: https://cpr.sm/FoykwrH6UY +To demonstrate the use of colored coins, we have created a set of 20 colored coins with symbol "MasterBTC" that represent coupons for a free copy of this book. Each unit of MasterBTC, represented by these colored coins, can now be sold or given to any bitcoin user with a colored-coin-capable wallet, who can then transfer them to others or redeem them with the issuer for a free copy of the book. 
This example of colored coins can be seen here: https://cpr.sm/FoykwrH6UY .The metadata profile of the colored coins recorded as a coupon for a free copy of the book ==== From 8e5111a3f96bc886e919733f0e42c5de0b13d22b Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sat, 23 Aug 2014 18:51:25 +0800 Subject: [PATCH 21/37] Removing question marks from new titles --- ch01.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ch01.asciidoc b/ch01.asciidoc index bad317ea..7be428fa 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc @@ -17,7 +17,7 @@ Behind the scenes, bitcoin is also the name of the protocol, a network and a dis In this chapter we'll get started by explaining some of the main concepts and terms, getting the necessary software and using bitcoin for simple transactions. In following chapters we'll start unwrapping the layers of technology that make bitcoin possible and examine the inner workings of the bitcoin network and protocol. -=== Before Bitcoin? +=== Before Bitcoin The emergence of viable digital money is closely linked to developments in cryptography. This is not surprising when one considers the fundamental challenges involved with using bits to represent value that can be exchanged for goods and services. Two fundamental questions for anyone accepting digital money are: 
@@ -37,7 +37,7 @@ Bitcoin represents the culmination of decades of research in cryptography and di * A de-centralized mathematical and deterministic currency issuance (distributed mining), and; * A de-centralized transaction verification system (transaction script). -=== History of Bitcoin? +=== History of Bitcoin Bitcoin was invented in 2008 by Satoshi Nakamoto with the publication of a paper titled "Bitcoin: A Peer-to-Peer Electronic Cash System". Satoshi Nakamoto combined several prior inventions such as b-money and HashCash to create a completely de-centralized electronic cash system that does not rely on a central authority for currency issuance or settlement and validation of transactions. The key innovation was to use a Proof-Of-Work algorithm to conduct a global "election" every 10 minutes, allowing the de-centralized network to arrive at _consensus_ about the state of transactions. This elegantly solves the issue of double-spend where a single currency unit can be spent twice. Previously, the double-spend problem was a weakness of digital currency and was addressed by clearing all transactions through a central clearinghouse. From 4fb73060300dd9f6791090386a4218962ffc87d9 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sat, 23 Aug 2014 19:28:12 +0800 Subject: [PATCH 22/37] improved explanation of confirmations identifying that the additional blocks must be removed first --- ch01.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch01.asciidoc b/ch01.asciidoc index 7be428fa..0cd53e7e 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc 
@@ -198,7 +198,7 @@ If Alice has a smartphone or laptop with her, she will also be able to see the t .Confirmations **** -At first, Alice's address will show the transaction from Joe as "Unconfirmed". This means that the transaction has been propagated to the network but has not yet been included in the bitcoin transaction ledger, known as the blockchain. To be included, the transaction must be "picked up" by a miner and included in a block of transactions. Once a miner has discovered a solution to the Proof-of-Work algorithm for this block (in approximately 10 minutes), the transactions within the block will be accepted as "confirmed" by the network and can be spent. The transaction is seen by all instantly, but it is only "trusted" by all when it is included in a newly mined block. The more blocks mined after that block, the more trusted it is, as more and more computation is "piled" on top of it. +At first, Alice's address will show the transaction from Joe as "Unconfirmed". This means that the transaction has been propagated to the network but has not yet been included in the bitcoin transaction ledger, known as the blockchain. To be included, the transaction must be "picked up" by a miner and included in a block of transactions. Once a miner has discovered a solution to the Proof-of-Work algorithm for this block (in approximately 10 minutes), the transactions within the block will be accepted as "confirmed" by the network and can be spent. The transaction is seen by all instantly, but it is only "trusted" by all when it is included in a newly mined block. As more blocks are mined after that block, the lower the risk that block can be removed or modified because the additional blocks must be removed first requiring additional computational power. **** Alice is now the proud owner of 0.10 bitcoin which she can spend. 
In the next chapter we will look at her first purchase with bitcoin and examine the underlying transaction and propagation technologies in more detail. From 9c67b2c88119b0adaadf5e0703f0695322d76530 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sat, 23 Aug 2014 19:45:27 +0800 Subject: [PATCH 23/37] Added BIP to the quick glossary list BIPs are mentioned throughout the book, so I figure many readers will be asking what does BIP0021 mean? --- preface.asciidoc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/preface.asciidoc b/preface.asciidoc index 1666c07b..324fdc22 100644 --- a/preface.asciidoc +++ b/preface.asciidoc @@ -117,6 +117,10 @@ address (aka public key):: ((("public key", see="bitcoin address"))) A bitcoin address looks like +1DSrfJdB2AnWaFNgSbv3MZC2m74996JafV+, they always start with a one. Just like you ask others to send an email to your email address, you would ask others to send you bitcoin to your bitcoin address. +bip:: +((("bip"))) + Bitcoin Improvement Proposals. A set of proposals that members of the bitcoin community have submitted to improve bitcoin. For example BIP0021 is a proposal to improve the bitcoin URI scheme. + bitcoin:: ((("bitcoin"))) The name of the currency unit (the coin), the network and the software From bd1cf52ff02abcb5883ccb4ee48e273f9c618148 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sat, 23 Aug 2014 20:11:55 +0800 Subject: [PATCH 24/37] New block every 10 minutes is average They may think it's written into the rules of bitcoin that a new block is discovered every 10 min, instead of on average every 10 min. --- ch02.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch02.asciidoc b/ch02.asciidoc index 64c4193d..0ebea795 100644 --- a/ch02.asciidoc +++ b/ch02.asciidoc 
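Review bot: in the PATCH 22 confirmations hunk, the new final sentence has a broken correlative ("As more blocks are mined ..., the lower the risk" should be "The more blocks are mined after that block, the lower the risk that ...") and needs a comma before "requiring". More importantly the explanation is less precise than the sentence it replaces: nobody "removes" blocks; to reverse a confirmed transaction an attacker has to produce an alternative chain that redoes the Proof-of-Work for that block and for every block mined on top of it, which is what the deleted text meant by "more and more computation is piled on top of it". Suggest: "The more blocks are mined after that block, the harder it becomes to reverse or modify it, because an attacker would have to redo the Proof-of-Work for that block and for every block built on top of it."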
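Review bot: in the PATCH 23 glossary hunk the definition is plural ("Bitcoin Improvement Proposals. A set of proposals ...") while the term being defined and the example (BIP0021) are singular; define the singular so the entry reads like the others: "Bitcoin Improvement Proposal. A proposal submitted by members of the bitcoin community to improve bitcoin; for example, BIP0021 proposes the bitcoin URI scheme." The entry key and index term are lowercase ("bip", ((("bip")))) while the body text writes the acronym as "BIP0021"; pick one capitalization, and note the surrounding entries all end their definition with a period after the example, which this one does ("URI scheme.") only because of the trailing sentence.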
@@ -222,7 +222,7 @@ Jing started mining in 2010 using a very fast desktop computer to find a suitabl === Mining transactions in blocks -A transaction transmitted across the network is not verified until it becomes part of the global distributed ledger, the blockchain. Every ten minutes, miners generate a new block that contains all the transactions since the last block. New transactions are constantly flowing into the network from user wallets and other applications. As these are seen by the bitcoin network nodes, they get added to a temporary "pool" of unverified transactions maintained by each node. As miners build a new block, they add unverified transactions from this pool to a new block and then attempt to solve a very hard problem (aka Proof-of-Work) to prove the validity of that new block. The process of mining is explained in detail in <>. +A transaction transmitted across the network is not verified until it becomes part of the global distributed ledger, the blockchain. Every ten minutes on average, miners generate a new block that contains all the transactions since the last block. New transactions are constantly flowing into the network from user wallets and other applications. As these are seen by the bitcoin network nodes, they get added to a temporary "pool" of unverified transactions maintained by each node. As miners build a new block, they add unverified transactions from this pool to a new block and then attempt to solve a very hard problem (aka Proof-of-Work) to prove the validity of that new block. The process of mining is explained in detail in <>. Transactions are added to the new block, prioritized by the highest-fee transactions first and a few other criteria. Each miner starts the process of mining a new block of transactions as soon as they receive the previous block from the network, knowing they have lost that previous round of competition. 
They immediately create a new block, fill it with transactions and the fingerprint of the previous block and start calculating the Proof-of-Work for the new block. Each miner includes a special transaction in their block, one that pays their own bitcoin address a reward of newly created bitcoins (currently 25 BTC per block). If they find a solution that makes that block valid, they "win" this reward because their successful block is added to the global blockchain and the reward transaction they included becomes spendable. Jing, who participates in a mining pool, has set up his software to create new blocks that assign the reward to a pool address. From there, a share of the reward is distributed to Jing and other miners in proportion to the amount of work they contributed in the last round. From c3190cd32c479f2195125215b8f6f628041c7372 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sat, 23 Aug 2014 20:28:20 +0800 Subject: [PATCH 25/37] Improved description of keys ownership --- ch04.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch04.asciidoc b/ch04.asciidoc index 619ed8c0..82b7d80e 100644 --- a/ch04.asciidoc +++ b/ch04.asciidoc 
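Review bot: "Every ten minutes on average" is the right fix, but the same sentence still says the new block "contains all the transactions since the last block", which the rest of the paragraph contradicts: transactions are drawn from each node's pool "prioritized by the highest-fee transactions first and a few other criteria", i.e. a block carries a selection of pending transactions, not necessarily all of them. Suggest "a new block containing transactions received since the last block". In the same sentence "to prove the validity of that new block" overstates what Proof-of-Work does; a solution makes the block acceptable to the network, while the transactions inside it are still checked by every node. "to make that new block acceptable to the network" would avoid the conflation.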
@@ -5,7 +5,7 @@ Ownership of bitcoin is established through _digital keys_, _bitcoin addresses_ and _digital signatures_. The digital keys are not actually stored in the network, but are instead created and stored by end-users in a file, or simple database, called a _wallet_. The digital keys in a user's wallet are completely independent of the bitcoin protocol and can be generated and managed by the user's wallet software without reference to the blockchain or access to the Internet. Keys enable many of the interesting properties of bitcoin, including de-centralized trust and control, ownership attestation and the cryptographic-proof security model. -The digital keys within each user's wallet allow the user to sign transactions, thereby providing cryptographic proof of the ownership of the bitcoins sourced by the transaction. Keys come in pairs consisting of a private (secret) and public key. Think of the public key as similar to a bank account number and the private key as similar to the secret PIN number, or signature on a cheque that provides control over the account. These digital keys are very rarely seen by the users of bitcoin. For the most part, they are stored inside the wallet file and managed by the bitcoin wallet software. +Every bitcoin transaction requires a valid signature to be included in the blockchain, which can only be generated with valid digital keys, therefore anyone with a copy of those keys has control of the bitcoin in that account. Keys come in pairs consisting of a private (secret) and public key. Think of the public key as similar to a bank account number and the private key as similar to the secret PIN number, or signature on a cheque that provides control over the account. These digital keys are very rarely seen by the users of bitcoin. For the most part, they are stored inside the wallet file and managed by the bitcoin wallet software. 
In the payment portion of a bitcoin transaction, the recipient's public key is represented by its digital fingerprint, called a _bitcoin address_, which is used in the same way as the beneficiary name on a cheque (i.e. "Pay to the order of"). In most cases, a bitcoin address is generated from and corresponds to a public key. However, not all bitcoin addresses represent public keys; they can also represent other beneficiaries such as scripts, as we will see later in this chapter. This way, bitcoin addresses abstract the recipient of funds, making transaction destinations flexible, similar to paper cheques: a single payment instrument that can be used to pay into people's accounts, company accounts, pay for bills or pay to cash. The bitcoin address is the only representation of the keys that users will routinely see, as this is the part they need to share with the world. From 604c90590fb51bd931f9006c6ed1c2a37494c82f Mon Sep 17 00:00:00 2001 From: Jameson Lopp Date: Sat, 23 Aug 2014 16:27:37 -0400 Subject: [PATCH 26/37] fixing market cap description for Dogecoin --- ch09.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch09.asciidoc b/ch09.asciidoc index 3b829c69..c9514ae9 100644 --- a/ch09.asciidoc +++ b/ch09.asciidoc @@ -131,7 +131,7 @@ One of the first alt-coins, released in 2011, Litecoin is the second most succes Dogecoin was released in December of 2013, based on a fork of Litecoin. Dogecoin is notable because it has a monetary policy of rapid issuance and a very high currency cap, to encourage spending and tipping. Dogecoin is also notable because it was started as a joke but became quite popular, with a large and active community, before declining rapidly in 2014. * Block generation time: 60 seconds -* Total currency: 100,000,000,000 (100 trillion) Doge by 2015 +* Total currency: 100,000,000,000 (100 billion) Doge by 2015 * Consensus algorithm: scrypt Proof-of-Work * Market capitalization: $12 million USD in Summer 2014 
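Review bot: the new opening sentence of the PATCH 25 hunk is a run-on ("... valid digital keys, therefore anyone ...") and loses precision compared with the sentence it replaces. "anyone with a copy of those keys" should be "anyone with a copy of the private key": the very next sentence introduces the key pair, and the public key is shared by design (the following paragraph derives the bitcoin address from it), so control follows from the private key alone. "the bitcoin in that account" also conflicts with the model the book states elsewhere (the ch05 hunk later on this page: "There are no accounts or balances in bitcoin, there are only unspent transaction outputs"); "the bitcoin locked to those keys" is accurate. Finally, the deleted sentence said that signatures provide cryptographic proof of ownership of the bitcoins being spent, which is the point the chapter builds on; keep it and add the control consequence: "The digital keys in a user's wallet allow the user to sign transactions, thereby proving ownership of the bitcoins being spent; conversely, anyone who obtains a copy of the private key can produce those signatures and therefore spend those bitcoins."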
From 7ce978a224eb19e277a6cb459d295f00974d19e8 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sun, 24 Aug 2014 10:17:07 +0800 Subject: [PATCH 27/37] Explaining satoshi denomination differently I think it's really difficult to know that 100 millionth is 8 decimal places --- ch05.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch05.asciidoc b/ch05.asciidoc index 1274fcd0..2130a64e 100644 --- a/ch05.asciidoc +++ b/ch05.asciidoc 
@@ -70,7 +70,7 @@ The fundamental building block of a bitcoin transaction is an _unspent transacti There are no accounts or balances in bitcoin, there are only _unspent transaction outputs_ (UTXO) scattered in the blockchain. ==== -Unlike cash, which exists in specific denominations (one dollar, five dollars, ten dollars), a UTXO can have any arbitrary value denominated as a multiple of satoshis (the smallest bitcoin unit equal to 100 millionth of a bitcoin). While UTXO can be any arbitrary value, once created it is indivisible just like a coin that cannot be cut in half. If a UTXO is larger than the desired value of a transaction, it must still be consumed in its entirety and change must be generated in the transaction. In other words, if you have a 20 bitcoin UTXO and want to pay 1 bitcoin, your transaction must consume the entire 20 bitcoin UTXO and produce two outputs: one paying 1 bitcoin to your desired recipient and another paying 19 bitcoin in change back to your wallet. As a result, most bitcoin transactions will generate change. +A UTXO can have an arbitrary value denominated as a multiple of satoshis. Just like dollars can be divided down to two decimal places as cents, bitcoins can be divided down to eight decimal places as satoshis. While UTXO can be any arbitrary value, once created it is indivisible just like a coin that cannot be cut in half. If a UTXO is larger than the desired value of a transaction, it must still be consumed in its entirety and change must be generated in the transaction. In other words, if you have a 20 bitcoin UTXO and want to pay 1 bitcoin, your transaction must consume the entire 20 bitcoin UTXO and produce two outputs: one paying 1 bitcoin to your desired recipient and another paying 19 bitcoin in change back to your wallet. As a result, most bitcoin transactions will generate change. In simple terms, transactions consume the sender's available UTXO and create new UTXO locked to the recipient's bitcoin address. 
Imagine a shopper buying a $1.50 beverage, reaching into their wallet and trying to find a combination of coins and bank notes to cover the $1.50 cost. The shopper will choose exact change if available (a dollar bill and two quarters), or a combination of smaller denominations (six quarters), or if necessary, a larger unit such as a five dollar bank note. If they hand too much money, say $5, to the shop owner they will expect $3.50 change, which they will return to their wallet and have available for future transactions. Similarly, a bitcoin transaction must be created from a user's UTXO in whatever denominations that user has available. They cannot cut a UTXO in half any more than they can cut a dollar bill in half and use it as currency. The user's wallet application will typically select from the user's available UTXO various units to compose an amount greater than or equal to the desired transaction amount. As with real life, the bitcoin application can use several strategies to satisfy the purchase amount: combining several smaller units, finding exact change, or using a single unit larger than the transaction value and making change. From 9cd1c1a2d73e9298578f31dd0c25a7306c1880a4 Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sun, 24 Aug 2014 10:41:34 +0800 Subject: [PATCH 28/37] blockchain size is 20+Gigs --- ch06.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch06.asciidoc b/ch06.asciidoc index f8f2421e..04511a9a 100644 --- a/ch06.asciidoc +++ b/ch06.asciidoc 
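Review bot: the rewritten sentence in the PATCH 27 hunk drops two facts the deleted line carried: that the satoshi is the smallest bitcoin unit and its exact value (one hundred-millionth of a bitcoin). "eight decimal places" alone does not tell the reader that 1 satoshi = 0.00000001 bitcoin or that 100,000,000 satoshis make one bitcoin; keep the analogy and the numbers together: "Just as a dollar divides into 100 cents (two decimal places), a bitcoin divides into 100,000,000 satoshis (eight decimal places), so one satoshi, the smallest unit, is 0.00000001 bitcoin." Also match number across the analogy: "bitcoins can be divided" should be "a bitcoin can be divided" alongside "dollars" made singular.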
@@ -129,7 +129,7 @@ Full nodes are nodes that maintain a full blockchain with all transactions. More Full blockchain nodes maintain a complete and up-to-date copy of the bitcoin blockchain with all the transactions, which they independently build and verify, starting with the very first block (genesis block) and building up to the latest known block in the network. A full blockchain node can independently and authoritatively verify any transaction without recourse or reliance on any other node or source of information. The full blockchain node relies on the network to receive updates about new blocks of transactions, which it then verifies and incorporates into its local copy of the blockchain. -Running a full blockchain node gives you the pure bitcoin experience: independent verification of all transactions without the need to rely on, or trust, any other systems. It's easy to tell if you're running a full node because it requires several gigabytes of persistent storage (disk space) to store the full blockchain. If you need a lot of disk and it takes 2-3 days to "sync" to the network, you are running a full node. That is the price of complete independence and freedom from central authority. +Running a full blockchain node gives you the pure bitcoin experience: independent verification of all transactions without the need to rely on, or trust, any other systems. It's easy to tell if you're running a full node because it requires 20 plus gigabytes of persistent storage (disk space) to store the full blockchain. If you need a lot of disk and it takes 2-3 days to "sync" to the network, you are running a full node. That is the price of complete independence and freedom from central authority. There are a few alternative implementations of full-blockchain bitcoin clients, built using different programming languages and software architectures. However, the most common implementation is the reference client Bitcoin Core, also known as the Satoshi Client. 
More than 90% of the nodes on the bitcoin network run various versions of Bitcoin Core. It is identified as "Satoshi" in the sub-version string sent in the +version+ message and shown by the command +getpeerinfo+ as we saw above, for example +/Satoshi:0.8.6/+. From bf732ce72d895d047286b6c5873ba00728bf20cf Mon Sep 17 00:00:00 2001 From: Lornestar Date: Sun, 24 Aug 2014 20:27:22 +0800 Subject: [PATCH 29/37] Clearer explanation of merkle tree value --- ch07.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch07.asciidoc b/ch07.asciidoc index 470ef968..56563e10 100644 --- a/ch07.asciidoc +++ b/ch07.asciidoc 
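Review bot: "20 plus gigabytes" in the `+` line of the @@ -129,7 +129,7 @@ hunk reads awkwardly in running prose and, unlike the "several gigabytes" it replaces, is a figure that will be stale within a release cycle; suggest "more than 20 gigabytes (as of this writing)" so the number carries its own date. The unchanged "it takes 2-3 days to "sync" to the network" in the same line is equally time-bound and could be qualified the same way.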
@@ -145,7 +145,7 @@ Each block in the bitcoin blockchain contains a summary of all the transactions A _Merkle Tree_, also known as a _Binary Hash Tree_ is a data structure used for efficiently summarizing and verifying the integrity of large sets of data. Merkle Trees are binary trees containing cryptographic hashes. The term "tree" is used in computer science to describe a branching data structure, but these trees are usually displayed upside down with the "root" at the top and the "leaves" at the bottom of a diagram, as you will see in the examples that follow. -Merkle trees are used in bitcoin to summarize all the transactions in a block, producing an overall digital fingerprint of the entire set of transactions, which can be used to prove that a transaction is included in the set. A merkle tree is constructed by recursively hashing pairs of nodes until there is only one hash, called the _root_, or _merkle root_. The cryptographic hash algorithm used in bitcoin's merkle trees is SHA256 applied twice, also known as double-SHA256. +Merkle trees are used in bitcoin to summarize all the transactions in a block, producing an overall digital fingerprint of the entire set of transactions, providing a very efficient process to verify if a transaction is included in a block. A merkle tree is constructed by recursively hashing pairs of nodes until there is only one hash, called the _root_, or _merkle root_. The cryptographic hash algorithm used in bitcoin's merkle trees is SHA256 applied twice, also known as double-SHA256. When N data elements are hashed and summarized in a Merkle Tree, you can check to see if any one data element is included in the tree with at most +2*log~2~(N)+ calculations, making this a very efficient data structure. From cc9ba043b1668be4c4d3fbec2b2755b7119e0457 Mon Sep 17 00:00:00 2001 
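Review bot: "a very efficient process to verify if a transaction is included in a block" in the `+` line of the @@ -145,7 +145,7 @@ hunk weakens the original "prove that a transaction is included in the set": a merkle path is a proof of inclusion and gives no answer about a transaction that is absent, so the yes/no phrasing overstates what the structure provides. Suggest "providing an efficient way to prove that a transaction is included in a block". "A very efficient process" also duplicates "making this a very efficient data structure" in the trailing context line, so one of the two can go.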
From: Lornestar Date: Mon, 25 Aug 2014 01:48:47 +0800 Subject: [PATCH 30/37] Quick summary of miners role --- ch08.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch08.asciidoc b/ch08.asciidoc index 6f686ee6..3e0e1e66 100644 --- a/ch08.asciidoc +++ b/ch08.asciidoc 
@@ -4,7 +4,7 @@ [[mining]] === Introduction - Mining and Consensus -Mining is the process by which new bitcoin is added to the money supply. Mining also serves to secure the bitcoin system against fraudulent transactions or transactions spending the same amount of bitcoin more than once, known as a double-spend. Miners act as a decentralized clearinghouse, validating new transactions and recording them on the global ledger. A new block, containing transactions that occurred since the last block, is "mined" every 10 minutes, thereby adding those transactions to the blockchain. Transactions that become part of a block and added to the blockchain are considered "confirmed", which allows the new owners of bitcoin to spend the bitcoin they received in those transactions. Miners receive two types of reward for mining: new coins created with each new block and transaction fees from all the transactions included in the block. To earn this reward, the miners compete to solve a difficult mathematical problem based on a cryptographic hash algorithm. The solution to the problem, called the Proof-of-Work, is included in the new block and acts as proof that the miner expended significant computing effort. The competition to solve the Proof-of-Work algorithm to earn reward and the right to record transactions on the blockchain is the basis for bitcoin's security model. +Mining is the process by which new bitcoin is added to the money supply. Mining also serves to secure the bitcoin system against fraudulent transactions or transactions spending the same amount of bitcoin more than once, known as a double-spend. Miners provide processing power to the bitcoin network in exchange for the opportunity to be rewarded bitcoin. Miners act as a decentralized clearinghouse, validating new transactions and recording them on the global ledger. 
A new block, containing transactions that occurred since the last block, is "mined" every 10 minutes, thereby adding those transactions to the blockchain. Transactions that become part of a block and added to the blockchain are considered "confirmed", which allows the new owners of bitcoin to spend the bitcoin they received in those transactions. Miners receive two types of reward for mining: new coins created with each new block and transaction fees from all the transactions included in the block. To earn this reward, the miners compete to solve a difficult mathematical problem based on a cryptographic hash algorithm. The solution to the problem, called the Proof-of-Work, is included in the new block and acts as proof that the miner expended significant computing effort. The competition to solve the Proof-of-Work algorithm to earn reward and the right to record transactions on the blockchain is the basis for bitcoin's security model. The process of new coin generation is called mining, because the reward is designed to simulate diminishing returns, just like mining for precious metals. Bitcoin's money supply is created through mining, similar to how a central bank issues new money by printing bank notes. The amount of newly created bitcoin a miner can add to a block decreases approximately every four years (or precisely every 210,000 blocks). It started at 50 bitcoin per block in January of 2009 and halved to 25 bitcoin per block in November of 2012. It will halve again to 12.5 bitcoin per block sometime in 2016. Based on this formula, bitcoin mining rewards decrease exponentially until approximately the year 2140 when all bitcoin (20.99999998 million) will have been issued. After 2140, no new bitcoins are issued. From 9322a60b831c927479b3ef8758f7a888964c4f08 Mon Sep 17 00:00:00 2001 
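Review bot: "in exchange for the opportunity to be rewarded bitcoin" in the `+` line of the @@ -4,7 +4,7 @@ hunk needs "rewarded with bitcoin", and the new sentence partly restates "Miners receive two types of reward for mining" a few sentences later in the same paragraph. If the intent is a one-line summary of the miners' role up front, fold the reward detail into it or trim the later sentence so the point is made once.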
From: Lornestar Date: Mon, 25 Aug 2014 01:50:03 +0800 Subject: [PATCH 31/37] Most won't know what a clearing house is --- ch08.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch08.asciidoc b/ch08.asciidoc index 3e0e1e66..0f81d186 100644 --- a/ch08.asciidoc +++ b/ch08.asciidoc 
@@ -4,7 +4,7 @@ [[mining]] === Introduction - Mining and Consensus -Mining is the process by which new bitcoin is added to the money supply. Mining also serves to secure the bitcoin system against fraudulent transactions or transactions spending the same amount of bitcoin more than once, known as a double-spend. Miners provide processing power to the bitcoin network in exchange for the opportunity to be rewarded bitcoin. Miners act as a decentralized clearinghouse, validating new transactions and recording them on the global ledger. A new block, containing transactions that occurred since the last block, is "mined" every 10 minutes, thereby adding those transactions to the blockchain. Transactions that become part of a block and added to the blockchain are considered "confirmed", which allows the new owners of bitcoin to spend the bitcoin they received in those transactions. Miners receive two types of reward for mining: new coins created with each new block and transaction fees from all the transactions included in the block. To earn this reward, the miners compete to solve a difficult mathematical problem based on a cryptographic hash algorithm. The solution to the problem, called the Proof-of-Work, is included in the new block and acts as proof that the miner expended significant computing effort. The competition to solve the Proof-of-Work algorithm to earn reward and the right to record transactions on the blockchain is the basis for bitcoin's security model. +Mining is the process by which new bitcoin is added to the money supply. Mining also serves to secure the bitcoin system against fraudulent transactions or transactions spending the same amount of bitcoin more than once, known as a double-spend. Miners provide processing power to the bitcoin network in exchange for the opportunity to be rewarded bitcoin. Miners validate new transactions and recording them on the global ledger. 
A new block, containing transactions that occurred since the last block, is "mined" every 10 minutes, thereby adding those transactions to the blockchain. Transactions that become part of a block and added to the blockchain are considered "confirmed", which allows the new owners of bitcoin to spend the bitcoin they received in those transactions. Miners receive two types of reward for mining: new coins created with each new block and transaction fees from all the transactions included in the block. To earn this reward, the miners compete to solve a difficult mathematical problem based on a cryptographic hash algorithm. The solution to the problem, called the Proof-of-Work, is included in the new block and acts as proof that the miner expended significant computing effort. The competition to solve the Proof-of-Work algorithm to earn reward and the right to record transactions on the blockchain is the basis for bitcoin's security model. The process of new coin generation is called mining, because the reward is designed to simulate diminishing returns, just like mining for precious metals. Bitcoin's money supply is created through mining, similar to how a central bank issues new money by printing bank notes. The amount of newly created bitcoin a miner can add to a block decreases approximately every four years (or precisely every 210,000 blocks). It started at 50 bitcoin per block in January of 2009 and halved to 25 bitcoin per block in November of 2012. It will halve again to 12.5 bitcoin per block sometime in 2016. Based on this formula, bitcoin mining rewards decrease exponentially until approximately the year 2140 when all bitcoin (20.99999998 million) will have been issued. After 2140, no new bitcoins are issued. From 06155bcb20b748729a18bcc2b7f6523dc52f7788 Mon Sep 17 00:00:00 2001 
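Review bot: the `+` line of the @@ -4,7 +4,7 @@ hunk introduces a grammatical error: "Miners validate new transactions and recording them on the global ledger" should read "validate new transactions and record them". Dropping "decentralized clearinghouse" also loses the idea that miners settle transactions for the whole network rather than only their own; if the term is too specialised for the audience, keep it with a short gloss ("acting as a decentralized clearinghouse, that is, settling transactions for the entire network") rather than removing it.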
From: Lornestar Date: Mon, 25 Aug 2014 01:52:05 +0800 Subject: [PATCH 32/37] Never heard that ex nihilo before, no need --- ch08.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch08.asciidoc b/ch08.asciidoc index 0f81d186..89b2cd0e 100644 --- a/ch08.asciidoc +++ b/ch08.asciidoc 
@@ -16,7 +16,7 @@ In this chapter, we will first examine mining as a monetary supply mechanism and ==== Bitcoin Economics and Currency Creation -Bitcoins are "minted" during the creation of each block at a fixed and diminishing rate. Each block, generated on average every 10 minutes, contains entirely new bitcoins, created ex nihilo (from nothing). Every 210,000 blocks or approximately every four years the currency issuance rate is decreased by 50%. For the first four years of operation of the network, each block contained 50 new bitcoin. In November of 2012, the new bitcoin issuance rate was decreased to 25 bitcoin per block and it will decrease again to 12.5 bitcoin at block 420,000, which will be mined sometime in 2016. The rate of new coins decreases like this exponentially over 64 "halvings", until block 13,230,000 (mined approximately in year 2137) when it reaches the minimum currency unit of 1 satoshi. Finally, after 13.44 million blocks, in approximately 2140, all 2,099,999,997,690,000 satoshis, or almost 21 million bitcoin will be issued. Thereafter, blocks will contain no new bitcoin, and miners will be rewarded solely through the transaction fees. +Bitcoins are "minted" during the creation of each block at a fixed and diminishing rate. Each block, generated on average every 10 minutes, contains entirely new bitcoins, created from nothing. Every 210,000 blocks or approximately every four years the currency issuance rate is decreased by 50%. For the first four years of operation of the network, each block contained 50 new bitcoin. In November of 2012, the new bitcoin issuance rate was decreased to 25 bitcoin per block and it will decrease again to 12.5 bitcoin at block 420,000, which will be mined sometime in 2016. The rate of new coins decreases like this exponentially over 64 "halvings", until block 13,230,000 (mined approximately in year 2137) when it reaches the minimum currency unit of 1 satoshi. 
Finally, after 13.44 million blocks, in approximately 2140, all 2,099,999,997,690,000 satoshis, or almost 21 million bitcoin will be issued. Thereafter, blocks will contain no new bitcoin, and miners will be rewarded solely through the transaction fees. [[bitcoin_money_supply]] .Supply of bitcoin currency over time based on a geometrically decreasing issuance rate From 6383f127f9ae077c28c53905ca4d0714b9ad887d Mon Sep 17 00:00:00 2001 From: Dirk Jäckel Date: Sun, 24 Aug 2014 23:04:33 +0200 Subject: [PATCH 33/37] SPV stands for Simplified Payment Verification --- ch02.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ch02.asciidoc b/ch02.asciidoc index 64c4193d..774ded91 100644 --- a/ch02.asciidoc +++ b/ch02.asciidoc 
@@ -241,7 +241,7 @@ image::images/Blockchain_height_and_depth.png["Alice's transaction included in a === Spending the transaction -Now that Alice's transaction has been embedded in the blockchain as part of a block, it is part of the distributed ledger of bitcoin and visible to all bitcoin applications. Each bitcoin client can independently verify the transaction as valid and spendable. Full-index clients can track the source of the funds from the moment the bitcoins were first generated in a block, incrementally from transaction to transaction, until they reach Bob's address. Lightweight clients can do a Simple Payment Verification (See SPV:<>) by confirming that the transaction is in the blockchain and has several blocks mined after it, thus providing assurance that the network accepts it as valid. +Now that Alice's transaction has been embedded in the blockchain as part of a block, it is part of the distributed ledger of bitcoin and visible to all bitcoin applications. Each bitcoin client can independently verify the transaction as valid and spendable. Full-index clients can track the source of the funds from the moment the bitcoins were first generated in a block, incrementally from transaction to transaction, until they reach Bob's address. Lightweight clients can do a Simplified Payment Verification (See SPV:<>) by confirming that the transaction is in the blockchain and has several blocks mined after it, thus providing assurance that the network accepts it as valid. Bob can now spend the output from this and other transactions, by creating his own transactions that reference these outputs as their inputs and assign them new ownership. For example, Bob can pay a contractor or supplier by transferring value from Alice's coffee cup payment to these new owners. Most likely, Bob's bitcoin software will aggregate many small payments into a larger payment, perhaps concentrating all the day's bitcoin revenue into a single transaction. 
This would move the various payments into a single address, utilized as the store's general "checking" account. For a diagram of an aggregating transaction, see <>. From 21a09c26a2b54654cfe2c8751c51c5b6d4bfa13e Mon Sep 17 00:00:00 2001 From: "Minh T. Nguyen" Date: Sun, 24 Aug 2014 14:40:02 -0700 Subject: [PATCH 34/37] Changing 'Simple Payment Verification' to 'Simplified Payment Verification' in all other chapters per issue #124. --- ch06.asciidoc | 8 ++++---- ch07.asciidoc | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ch06.asciidoc b/ch06.asciidoc index f8f2421e..3cabf0f6 100644 --- a/ch06.asciidoc +++ b/ch06.asciidoc 
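Review bot: the @@ -241,7 +241,7 @@ hunk renames the term only in ch02, while "Simple Payment Verification" still appears in ch06 and ch07 at this point in the series (the next patch, [PATCH 34/37], handles those files). Either squash the two commits or note in this commit message that the rename is partial, so that a checkout between the two does not mix both spellings.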
@@ -21,7 +21,7 @@ image::images/FullNodeReferenceClient_Small.png["FullNodeReferenceClient_Small"] All nodes include the routing function to participate in the network and may include other functionality. All nodes validate and propagate transactions and blocks, and discover and maintain connections to peers. In the full node example above, the routing function is indicated by an orange circle named "Network Routing Node". -Some nodes, called full nodes, also maintain a complete and up-to-date copy of the blockchain. Full nodes can autonomously and authoritatively verify any transaction without external reference. Some nodes maintain only a subset of the blockchain and verify transactions using a method called _Simple Payment Verification_ or SPV. These nodes are known as SPV or Lightweight nodes. In the full node example above, the full node blockchain database function is indicated by a blue circle named "Full Blockchain". SPV nodes are drawn without the blue circle, showing that they do not have a full copy of the blockchain. +Some nodes, called full nodes, also maintain a complete and up-to-date copy of the blockchain. Full nodes can autonomously and authoritatively verify any transaction without external reference. Some nodes maintain only a subset of the blockchain and verify transactions using a method called _Simplified Payment Verification_ or SPV. These nodes are known as SPV or Lightweight nodes. In the full node example above, the full node blockchain database function is indicated by a blue circle named "Full Blockchain". SPV nodes are drawn without the blue circle, showing that they do not have a full copy of the blockchain. Mining nodes compete to create new blocks by running specialized hardware to solve the proof-of-work algorithm. Some mining nodes are also full nodes, maintaining a full copy of the blockchain while others are lightweight nodes participating in pool mining and depending on a pool server to maintain a full node. 
The mining function is shown in the full node above as a black circle named "Miner". 
@@ -149,15 +149,15 @@ This process of comparing the local blockchain with the peers and retrieving any .Node synchronizing the blockchain by retrieving blocks from a peer image::images/InventorySynchronization.png["InventorySynchronization"] -=== Simple Payment Verification (SPV) Nodes +=== Simplified Payment Verification (SPV) Nodes -Not all nodes have the ability to store the full blockchain. Many bitcoin clients are designed to run on space- and power-constrained devices, such as smartphones, tablets or embedded systems. For such devices, a _simple payment verification_ (SPV) method is used to allow them to operate without storing the full blockchain. These types of clients are called SPV clients or lightweight clients. As bitcoin adoption surges, the SPV node is becoming the most common form of bitcoin node, especially for bitcoin wallets. +Not all nodes have the ability to store the full blockchain. Many bitcoin clients are designed to run on space- and power-constrained devices, such as smartphones, tablets or embedded systems. For such devices, a _simplified payment verification_ (SPV) method is used to allow them to operate without storing the full blockchain. These types of clients are called SPV clients or lightweight clients. As bitcoin adoption surges, the SPV node is becoming the most common form of bitcoin node, especially for bitcoin wallets. SPV nodes download only the block headers and do not download the transactions included in each block. The resulting chain of blocks, without transactions, is 1,000 times smaller than the full blockchain. SPV nodes cannot construct a full picture of all the UTXOs that are available for spending, as they do not know about all the transactions on the network. SPV nodes verify transactions using a slightly different methodology that relies on peers to provide partial views of relevant parts of the blockchain on-demand. 
As an analogy, a full node is like a tourist in a strange city, equipped with a detailed map of every street and every address. By comparison, an SPV node is like a tourist in a strange city asking random strangers for turn-by-turn directions while knowing only one main avenue. While both tourists can verify the existence of a street by visiting it, the tourist without a map doesn't know what lies down any of the side streets and doesn't know what other streets exist. Positioned in front of 23 Church Street, the tourist without a map cannot know if there are a dozen other "23 Church Street" addresses in the city and whether this is the right one. The map-less tourist's best chance is to ask enough people and hope some of them are not trying to mug the tourist. -Simple Payment Verification verifies transactions by reference to their _depth_ in the blockchain instead of their _height_. Whereas a full-blockchain node will construct a fully verified chain of thousands of blocks and transactions reaching down the blockchain (back in time) all the way to the genesis block, an SPV node will verify the chain of all blocks and link that chain to the transaction of interest. +Simplified Payment Verification verifies transactions by reference to their _depth_ in the blockchain instead of their _height_. Whereas a full-blockchain node will construct a fully verified chain of thousands of blocks and transactions reaching down the blockchain (back in time) all the way to the genesis block, an SPV node will verify the chain of all blocks and link that chain to the transaction of interest. For example, when examining a transaction in block 300,000, a full node links all 300,000 blocks down to the genesis block and builds a full database of UTXO, establishing the validity of the transaction by confirming that the UTXO remains unspent. An SPV node cannot validate whether the UTXO is unspent. 
Instead, the SPV node will establish a link between the transaction and the block that contains it, using a Merkle Path (see <>). Then, the SPV node waits until it sees the six blocks 300,001 through 300,006 piled on top of the block containing the transaction and verifies it by establishing its depth under blocks 300,006 to 300,001. The fact that other nodes on the network accepted block 300,000 and then did the necessary work to produce 6 more blocks on top of it is proof, by proxy, that the transaction was not a double-spend. diff --git a/ch07.asciidoc b/ch07.asciidoc index 470ef968..997fcaf3 100644 --- a/ch07.asciidoc +++ b/ch07.asciidoc 
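Review bot: in the second `+` line of the @@ -149,15 +149,15 @@ hunk, "an SPV node will verify the chain of all blocks and link that chain to the transaction of interest" contradicts the hunk's own context, which says "SPV nodes download only the block headers and do not download the transactions included in each block"; since the rename touches this line anyway, change it to "verify the chain of all block headers". The distinction matters for the security argument that follows: an SPV node checks header linkage and proof-of-work, not block contents, which is exactly why it "cannot validate whether the UTXO is unspent".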
@@ -194,11 +194,11 @@ The efficiency of merkle trees becomes obvious as the scale increases. For examp | 65,535 transactions | 16 megabytes | 16 hashes | 512 bytes |======= -As you can see from the table above, while the block size increases rapidly, from 4KB with 16 transactions to a block size of 16 MB to fit 65,535 transactions, the merkle path required to prove the inclusion of a transaction increases much more slowly, from 128 bytes to only 512 bytes. With merkle trees, a node can download just the block headers (80 bytes per block) and still be able to identify a transaction's inclusion in a block by retrieving a small merkle path from a full node, without storing or transmitting the vast majority of the blockchain which may be several gigabytes in size. Nodes which do not maintain a full blockchain, called Simple Payment Verification or SPV nodes use merkle paths to verify transactions without downloading full blocks. +As you can see from the table above, while the block size increases rapidly, from 4KB with 16 transactions to a block size of 16 MB to fit 65,535 transactions, the merkle path required to prove the inclusion of a transaction increases much more slowly, from 128 bytes to only 512 bytes. With merkle trees, a node can download just the block headers (80 bytes per block) and still be able to identify a transaction's inclusion in a block by retrieving a small merkle path from a full node, without storing or transmitting the vast majority of the blockchain which may be several gigabytes in size. Nodes which do not maintain a full blockchain, called Simplified Payment Verification or SPV nodes use merkle paths to verify transactions without downloading full blocks. -=== Merkle Trees and Simple Payment Verification (SPV) +=== Merkle Trees and Simplified Payment Verification (SPV) -Merkle trees are used extensively by Simple Payment Verification nodes. SPV nodes don't have all transactions and do not download full blocks, just block headers. 
In order to verify that a transaction is included in a block, without having to download all the transactions in the block, they use an _authentication path_, or merkle path. +Merkle trees are used extensively by Simplified Payment Verification nodes. SPV nodes don't have all transactions and do not download full blocks, just block headers. In order to verify that a transaction is included in a block, without having to download all the transactions in the block, they use an _authentication path_, or merkle path. Consider for example an SPV node that is interested in incoming payments to an address contained in its wallet. The SPV node will establish a bloom filter on its connections to peers to limit the transactions received to only those containing addresses of interest. When a peer sees a transaction that matches the bloom filter, it will send that block using a +merkleblock+ message. The +merkleblock+ message contains the block header as well as a merkle path that links the transaction of interest to the merkle root in the block. The SPV node can use this merkle path to connect the transaction to the block and verify that the transaction is included in the block. The SPV node also uses the block header to link the block to the rest of the blockchain. The combination of these two links, between the transaction and block, and between the block and blockchain, proves that the transaction is recorded in the blockchain. All in all, the SPV node will have received less than a kilobyte of data for the block header and merkle path, an amount of data that is more than a thousand times less than a full block (about 1 megabyte currently). From 770115bab2c4382c394df4b99e88ad8cbd16fcfd Mon Sep 17 00:00:00 2001 
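Review bot: the first `+` line of the @@ -194,11 +194,11 @@ hunk carries over a missing comma: "called Simplified Payment Verification or SPV nodes use merkle paths" should be "called Simplified Payment Verification or SPV nodes, use merkle paths", or better "SPV nodes, which do not maintain a full blockchain, use merkle paths". Since the line is being rewritten for the rename, this is the place to fix it.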
From: "Andreas M. Antonopoulos" Date: Mon, 25 Aug 2014 10:53:48 -0400 Subject: [PATCH 35/37] removed section describing the economic benefits of bitcoin. Do not want to add political and economic statements that are not easily substantiated and seem off-topic. --- ch01.asciidoc | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/ch01.asciidoc b/ch01.asciidoc index 0cd53e7e..a819686c 100644 --- a/ch01.asciidoc +++ b/ch01.asciidoc 
@@ -45,16 +45,6 @@ The bitcoin network started in 2009, based on a reference implementation publish Satoshi Nakamoto withdrew from the public in April of 2011, leaving the responsibility of developing the code and network to a thriving group of volunteers. The name Satoshi Nakamoto is an alias and the identity of the person or people behind this invention is currently unknown. However, neither Satoshi Nakamoto nor anyone else exerts control over the bitcoin system, which operates based on fully transparent mathematical principles. The invention itself is groundbreaking and has already spawned new science in the fields of distributed computing, economics and econometrics. -Bitcoin has the potential to fix many financial and economic problems that exist today due to flawed centralized systems. Some examples are: -* Hyperinflation that has severly hurt the economies of countries like Argentinian and Zimbabwe. -* 2.5 Billion unbanked around the world who do not benefit from the financial services most do in the developed world. -* Merchants getting charged 2-4% per transaction when accepting credit cards. -* Bank accounts getting frozen, or funds seized from accounts for various reasons. -* People sending money back home and getting charged remittance fees that can range from 2-20%. -* Lack of transparency when performing a wire transfer. -* World travelers getting charged exchange rate fees when using credit cards in foreign countries. -* Citizens of Cyprus having bank accounts frozen for two weeks to secure a Eurozone bailout. - .A Solution To a Distributed Computing Problem **** From e0cd0073e5ccc114c2f4b1e9829f2756368f67e5 Mon Sep 17 00:00:00 2001 From: "Andreas M. Antonopoulos" Date: Mon, 25 Aug 2014 11:23:46 -0400 Subject: [PATCH 36/37] Gavin Andresen's comments and corrections. --- ch05.asciidoc | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/ch05.asciidoc b/ch05.asciidoc index 2130a64e..9b42220c 100644 
--- a/ch05.asciidoc +++ b/ch05.asciidoc 
@@ -201,7 +201,11 @@ A locking script is an encumbrance placed on an output, and it specifies the con An unlocking script is a script that "solves", or satisfies, the conditions placed on an output by a locking script and allows the output to be spent. Unlocking scripts are part of every transaction input and most of the time they contain a digital signature produced by the user's wallet from their private key. Historically, the unlocking script is called _scriptSig_, because it usually contained a digital signature. In this book we refer to it as an "unlocking script" to acknowledge the much broader range of locking script requirements, as not all unlocking scripts must contain signatures. As mentioned above, in most bitcoin applications the source code will refer to the unlocking script as "scriptSig". -Every bitcoin client will validate transactions by executing the locking and unlocking scripts together. For each input in the transaction, the validation software will first retrieve the UTXO referenced by the input. That UTXO contains a locking script defining the conditions required to spend it. The validation software will then take the unlocking script contained in the input that is attempting to spend this UTXO and concatenate them. The locking script is added to the end of the unlocking script and then the entire combined script is executed using the script execution engine. If the result of executing the combined script is "TRUE", the unlocking script has succeeded in resolving the conditions imposed by the locking script and therefore the input is a valid authorization to spend the UTXO. If any result other than "TRUE" remains after execution of the combined script, the input is invalid as it has failed to satisfy the spending conditions placed on the UTXO. Note that the UTXO is permanently recorded in the blockchain, and therefore is invariable and is unaffected by failed attempts to spend it by reference in a new transaction. 
Only a valid transaction that correctly satisfies the conditions of the UTXO results in the UTXO being marked as "spent" and removed from the set of available (unspent) UTXO. +Every bitcoin client will validate transactions by executing the locking and unlocking scripts together. For each input in the transaction, the validation software will first retrieve the UTXO referenced by the input. That UTXO contains a locking script defining the conditions required to spend it. The validation software will then take the unlocking script contained in the input that is attempting to spend this UTXO and execute the two scripts. + +In the original bitcoin client, the unlocking and locking scripts were concatenated and executed in sequence. For security reasons, this was changed in 2010, because of a vulnerability that allowed a malformed unlocking script to push data onto the stack and corrupt the locking script. In the current implementation the scripts are executed separately with the stack transferred between the two executions, as described below. + +First, the unlocking script is executed, using the stack execution engine. If the unlocking script executed without errors (e.g it has no "dangling" operators leftover), the main stack (not the alternate stack) is copied and the locking script is executed. If the result of executing the locking script with the stack data copied from the unlocking script is "TRUE", the unlocking script has succeeded in resolving the conditions imposed by the locking script and therefore the input is a valid authorization to spend the UTXO. If any result other than "TRUE" remains after execution of the combined script, the input is invalid as it has failed to satisfy the spending conditions placed on the UTXO. Note that the UTXO is permanently recorded in the blockchain, and therefore is invariable and is unaffected by failed attempts to spend it by reference in a new transaction. 
Only a valid transaction that correctly satisfies the conditions of the UTXO results in the UTXO being marked as "spent" and removed from the set of available (unspent) UTXO. Below is an example of the unlocking and locking scripts for the most common type of bitcoin transaction (a payment to a public key hash), showing the combined script resulting from the concatenation of the unlocking and locking scripts prior to script validation: @@ -315,7 +319,7 @@ image::images/Tx_Script_P2PubKeyHash_2.png["Tx_Script_P2PubKeyHash_2"] [[p2pk]] ==== Pay-to-Public-Key -Pay-to-Public-Key is a simpler form of a bitcoin payment than Pay-to-Public-Key-Hash. With this script form, the public key itself is stored in the locking script, rather than a public-key-hash as with P2PKH above, which is much shorter. The disadvantage of this form of locking script is that it consumes more space in the blockchain to store these types of payments, because a public key is 264 or 520 bits long (depending on whether it is compressed), whereas a public key hash is only 160 bits long. For legacy compatibility, Pay-to-Public-Key is used in all coinbase generation transactions, the transactions that pay the reward to the miners. +Pay-to-Public-Key is a simpler form of a bitcoin payment than Pay-to-Public-Key-Hash. With this script form, the public key itself is stored in the locking script, rather than a public-key-hash as with P2PKH above, which is much shorter. Pay-to-Public-Key-Hash was invented by Satoshi to make bitcoin addresses shorter, for ease of use. Pay-to-Public-Key is now most often seen in coinbase transactions, generated by older mining software that has not been updated to use P2PKH. A Pay-to-Public-Key locking script looks like this: ---- 
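Review bot: In the ch05.asciidoc hunk at -201, the new text says the scripts are now executed separately with the stack transferred between them, but the last sentence of the added paragraph still reads "If any result other than "TRUE" remains after execution of the combined script", and the unchanged context immediately after the hunk still promises to show "the combined script resulting from the concatenation of the unlocking and locking scripts prior to script validation". Both should be reworded to match the two-stage execution the hunk introduces, e.g. "after execution of the locking script" and "showing the unlocking and locking scripts that are executed in sequence". Also "e.g it has no "dangling" operators" needs "e.g.," with the period.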
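Review bot: In the ch05.asciidoc hunk at -315, dropping the sentence that compared a 264- or 520-bit public key with a 160-bit public key hash leaves "rather than a public-key-hash as with P2PKH above, which is much shorter" without the figures that justified "much shorter", and "which" now reads as if it could refer to P2PKH rather than the hash. Suggest keeping the bit-length comparison (or moving it into the new sentence about shorter addresses) and rewording to "rather than a public key hash, which at 160 bits is much shorter than the public key itself". The claim that P2PKH "was invented by Satoshi" is new in this hunk and has no reference; either cite it or soften it.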
@@ -385,7 +389,7 @@ where the data portion is limited to 40 bytes and most often represents a hash, Keep in mind that there is no "unlocking script" that corresponds to OP_RETURN that could possibly be used to "spend" an OP_RETURN output. The whole point of OP_RETURN is that you can't spend the money locked in that output and therefore it does not need to be held in the UTXO set as potentially spendable - OP_RETURN is _provably un-spendable_. OP_RETURN is usually an output with a zero bitcoin amount, since any bitcoin assigned to such an output is effectively lost forever. If an OP_RETURN is encountered by the script validation software, it results immediately in halting the execution of the validation script and marking the transaction as invalid. Thus, if you accidentally reference an OP_RETURN output as an input in a transaction, that transaction is invalid. -A valid transaction can have only one OP_RETURN output. However, a single OP_RETURN output can be combined in a transaction with outputs of any other type. +A standard transaction (one that conforms to the +isStandard()+ checks) can have only one OP_RETURN output. However, a single OP_RETURN output can be combined in a transaction with outputs of any other type. [[p2sh]] ==== Pay to Script Hash (P2SH) 
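Review bot: In the ch05.asciidoc hunk at -385, the change from "A valid transaction" to "A standard transaction (one that conforms to the +isStandard()+ checks)" is the first place the section distinguishes relay policy from consensus validity, but the unchanged sentence just above still describes the script engine "marking the transaction as invalid" when it meets OP_RETURN, so a reader cannot tell which rule is which. Suggest one explicit sentence after the modified line, such as "The single-OP_RETURN limit is a standardness (relay) rule enforced by +isStandard()+, not a consensus rule; a block may contain a transaction with more than one OP_RETURN output."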
@@ -404,7 +408,7 @@ While multi-signature scripts are a powerful feature, they are cumbersome to use Pay-to-Script-Hash (P2SH) was developed to resolve these practical difficulties and to make the use of complex scripts as easy as a payment to a bitcoin address. With P2SH payments, the complex locking script is replaced with its digital fingerprint, a cryptographic hash. When a transaction attempting to spend the UTXO is presented later, it must contain the script that matches the hash, in addition to the unlocking script. In simple terms, P2SH means "pay to a script matching this hash, a script which will be presented later when this output is spent". -In P2SH transactions, the locking script that is replaced by a hash is referred to as the _redeemScript_ because it is presented to the system at redemption time rather than as a locking script. +In P2SH transactions, the locking script that is replaced by a hash is referred to as the _redeem script_ because it is presented to the system at redemption time rather than as a locking script. [[without_p2sh]] .Complex Script without P2SH 
@@ -417,11 +421,11 @@ In P2SH transactions, the locking script that is replaced by a hash is referred .Complex Script as P2SH |======= | Redeem Script | 2 PubKey1 PubKey2 PubKey3 PubKey4 PubKey5 5 OP_CHECKMULTISIG -| Locking Script | OP_HASH160 <20-byte hash of redeemScript> OP_EQUAL -| Unlocking Script | Sig1 Sig2 redeemScript +| Locking Script | OP_HASH160 <20-byte hash of redeem script> OP_EQUAL +| Unlocking Script | Sig1 Sig2 redeem script |======= -As you can see from the tables above, with P2SH the complex script that details the conditions for spending the output (redeemScript) is not presented in the locking script. Instead, only a hash of it is in the locking script and the redeemScript itself is presented later, as part of the unlocking script when the output is spent. This shifts the burden in fees and complexity from the sender to the recipient (spender) of the transaction. +As you can see from the tables above, with P2SH the complex script that details the conditions for spending the output (redeem script) is not presented in the locking script. Instead, only a hash of it is in the locking script and the redeem script itself is presented later, as part of the unlocking script when the output is spent. This shifts the burden in fees and complexity from the sender to the recipient (spender) of the transaction. Let's look at Mohammed's company, their complex multi-signature script and the resulting P2SH scripts. 
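Review bot: In the ch05.asciidoc hunk at -417, the new unlocking-script row "Sig1 Sig2 redeem script" mixes script tokens with a two-word English name, so it reads as two tokens plus prose; the locking-script row in the same hunk already uses angle brackets ("<20-byte hash of redeem script>"). For consistency write the unlocking row as "Sig1 Sig2 <redeem script>" so the redeem script is clearly a single pushed element.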
@@ -451,17 +455,17 @@ A P2SH transaction locks the output to this hash instead of the longer script, u ---- OP_HASH160 54c557e07dde5bb6cb791c7a540e0a4796f5e97e OP_EQUAL ---- -which, as you can see is much shorter. Instead of "pay to this 5-key multi-signature script", the P2SH equivalent transaction is "pay to a script with this hash". A customer making a payment to Mohammed's company need only include this much shorter locking script in their payment. When Mohammed wants to spend this UTXO, they must present the original redeemScript (the one whose hash locked the UTXO) and the signatures necessary to unlock it, like this: +which, as you can see is much shorter. Instead of "pay to this 5-key multi-signature script", the P2SH equivalent transaction is "pay to a script with this hash". A customer making a payment to Mohammed's company need only include this much shorter locking script in their payment. When Mohammed wants to spend this UTXO, they must present the original redeem script (the one whose hash locked the UTXO) and the signatures necessary to unlock it, like this: ---- <2 PK1 PK2 PK3 PK4 PK5 5 OP_CHECKMULTISIG> ---- -The two scripts are combined in two stages. First, the redeemScript is checked against the locking script to make sure the hash matches: +The two scripts are combined in two stages. First, the redeem script is checked against the locking script to make sure the hash matches: ---- -<2 PK1 PK2 PK3 PK4 PK5 5 OP_CHECKMULTISIG> OP_HASH160 OP_EQUAL +<2 PK1 PK2 PK3 PK4 PK5 5 OP_CHECKMULTISIG> OP_HASH160 OP_EQUAL ---- -If the redeemScript hash matches, then the unlocking script is executed on its own, to unlock the redeemScript: +If the redeem script hash matches, then the unlocking script is executed on its own, to unlock the redeem script: ---- 2 PK1 PK2 PK3 PK4 PK5 5 OP_CHECKMULTISIG ---- 
@@ -481,19 +485,21 @@ The Pay-to-Script-Hash feature offers the following benefits compared to the dir * P2SH shifts the burden of constructing the script to the recipient not the sender * P2SH shifts the burden in data storage for the long script from the output (which is in the UTXO set and therefore impacts memory) to the input (only stored on the blockchain) * P2SH shifts the burden in data storage for the long script from the present time (payment) to a future time (when it is spent) -* P2SH shifts the transaction fee cost of a long script from the sender to the recipient who has to include the long redeemScript to spend it +* P2SH shifts the transaction fee cost of a long script from the sender to the recipient who has to include the long redeem script to spend it ===== Redeem Script and isStandard Validation -Pay-to-Script-Hash is currently limited to the standard types of bitcoin transaction scripts, by the +isStandard()+ function. That means that the redeemScript presented in the spending transaction must be one of the standard types: P2PK, P2PKH or Multi-Sig, excluding OP_RETURN and P2SH itself. You cannot reference a P2SH script inside a redeemScript and you can't use an OP_RETURN inside a P2SH redeemScript. +Prior to version 0.9.2 of the Bitcoin Core client, Pay-to-Script-Hash was limited to the standard types of bitcoin transaction scripts, by the +isStandard()+ function. That means that the redeem script presented in the spending transaction could only be one of the standard types: P2PK, P2PKH or Multi-Sig, excluding OP_RETURN and P2SH itself. + +As of version 0.9.2 of the Bitcoin Core client, P2SH transactions can contain any valid script, making the P2SH standard much more flexible and allowing for experimentation with many novel and complex types of transactions. 
-This limitation of redeemScript to only standard transaction scripts is temporary and will likely be removed in future versions of the bitcoin reference implementation, allowing the use of any valid script inside a P2SH redeemScript. You will still not be able to put a P2SH inside a P2SH redeemScript, because the P2SH specification is not recursive. You will still not be able to use OP_RETURN in a redeemScript because OP_RETURN cannot be redeemed by definition. But you will be able someday to use all the other operators to create a vast range of complex and novel scripts that can be used as redeemScripts and referenced as P2SH payment to their hash. +Note that you are not able to put a P2SH inside a P2SH redeem script, because the P2SH specification is not recursive. You are also still not be able to use OP_RETURN in a redeem script because OP_RETURN cannot be redeemed by definition. -Note that since the redeemScript is not presented to the network until you attempt to spend a P2SH output, if you lock an output with the hash of a non-standard transaction it will be processed as valid. However, you will not be able to spend it as the spending transaction which includes the redeemScript will not be accepted, as it is non-standard. This creates a risk, as you can lock bitcoin in a P2SH which cannot be later spent. The network will accept the P2SH encumbrance even if it corresponds to a non-standard or invalid redeemScript, because the script hash gives no indication of the script it represents. +Note that since the redeem script is not presented to the network until you attempt to spend a P2SH output, if you lock an output with the hash of an invalid transaction it will be processed regardless. However, you will not be able to spend it as the spending transaction which includes the redeem script will not be accepted, as it is an invalid script. This creates a risk, because you can lock bitcoin in a P2SH which cannot be later spent. 
The network will accept the P2SH encumbrance even if it corresponds to an invalid redeem script, because the script hash gives no indication of the script it represents. [WARNING] ==== -P2SH locking scripts contain the hash of a redeemScript which gives no clues as to the content of the redeemScript itself. The P2SH transaction will be considered valid and accepted even if the redeemScript is invalid or non-standard. You may accidentally lock bitcoin in such a way that it cannot later be spent. +P2SH locking scripts contain the hash of a redeem script which gives no clues as to the content of the redeem script itself. The P2SH transaction will be considered valid and accepted even if the redeem script is invalid. You may accidentally lock bitcoin in such a way that it cannot later be spent. ==== [[tx_script_ops]] From 209e6a808ce3aa903dd3f5f079d8b9a28b312197 Mon Sep 17 00:00:00 2001 From: "Andreas M. Antonopoulos" Date: Mon, 25 Aug 2014 11:36:44 -0400 Subject: [PATCH 37/37] Amir Taaki's comments and corrections --- ch02.asciidoc | 2 +- ch04.asciidoc | 6 +++--- ch05.asciidoc | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ch02.asciidoc b/ch02.asciidoc index 9d9d7a6a..fe16d750 100644 --- a/ch02.asciidoc +++ b/ch02.asciidoc 
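Review bot: In the ch05.asciidoc hunk at -481, the added line "if you lock an output with the hash of an invalid transaction it will be processed regardless" should say "an invalid script": what the P2SH locking script commits to is a redeem script, not a transaction, and the rest of the paragraph ("will not be accepted, as it is an invalid script") uses the right term. In the same hunk, "You are also still not be able to use OP_RETURN" should read "You are also still not able to use OP_RETURN". Since the hunk now states that P2SH accepts any valid script as of Bitcoin Core 0.9.2, it would help to keep the old text's point that a redeem script may be valid yet non-standard, as the WARNING below only mentions "invalid".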
@@ -233,7 +233,7 @@ https://blockchain.info/block-height/277316 A few minutes later, a new block, #277317 is mined by another miner. As this new block is based on the previous block (#277316) that contained Alice's transaction, it added even more computation on top of that block, thereby strengthening the trust in those transactions. One block mined on top of the one containing the transaction is called "one confirmation" for that transaction. As the blocks pile on top of each other, it becomes exponentially harder to reverse the transaction, thereby making it more and more trusted by the network. -In the diagram below we can see block #277316, which contains Alice's transaction. Below it are 277,315 blocks, linked to each other in a chain of blocks (blockchain) all the way back to block #0, the genesis block. Over time, as the "height" in blocks increases, so does the computation difficulty for each block and the chain as a whole. The blocks mined after the one that contains Alice's transaction act as further assurance, as they pile on more computation in a longer and longer chain. The blocks above count as "confirmations". By convention, any block with more than 6 confirmations is considered irrevocable, as it would require an immense amount of computation to invalidate and re-calculate six blocks. We will examine the process of mining and the way it builds trust in more detail in <>. +In the diagram below we can see block #277316, which contains Alice's transaction. Below it are 277,316 blocks (including block #0), linked to each other in a chain of blocks (blockchain) all the way back to block #0, the genesis block. Over time, as the "height" in blocks increases, so does the computation difficulty for each block and the chain as a whole. The blocks mined after the one that contains Alice's transaction act as further assurance, as they pile on more computation in a longer and longer chain. The blocks above count as "confirmations". 
By convention, any block with more than 6 confirmations is considered irrevocable, as it would require an immense amount of computation to invalidate and re-calculate six blocks. We will examine the process of mining and the way it builds trust in more detail in <>. [[block-alice]] .Alice's transaction included in block #277,316 diff --git a/ch04.asciidoc b/ch04.asciidoc index 82b7d80e..d167b03b 100644 --- a/ch04.asciidoc +++ b/ch04.asciidoc 
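Review bot: In the ch02.asciidoc hunk at -233, the corrected count "277,316 blocks (including block #0)" is right for a zero-indexed height, but the parenthetical is immediately followed by "all the way back to block #0, the genesis block", which repeats it. Suggest "Below it are 277,316 blocks, #0 through #277,315, linked to each other in a chain of blocks (blockchain) all the way back to block #0, the genesis block." so the range is explicit and stated once.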
@@ -469,13 +469,13 @@ image::images/non-deterministic_wallet.png["non-deterministic wallet"] Deterministic, or "seeded" wallets are wallets that contain private keys which are all derived from a common seed, through the use of a one-way hash function. The seed is a randomly generated number which is combined with other data, such as an index number or "chain code" (see <>) to derive the private keys. In a deterministic wallet, the seed is sufficient to recover all the derived keys and therefore a single backup at creation time is sufficient. The seed is also sufficient for a wallet export or import, allowing for easy migration of all the user's keys between different wallet implementations. -==== Mnemonic Code Words (BIP0039) +==== Mnemonic Code Words (DRAFT:BIP0039) Mnemonic codes are English word sequences that are generated from a random sequence and used to produce a seed for use in deterministic wallets. The sequence of words is sufficient to re-create the seed and from there re-create the wallet and all the derived keys. A wallet application that implements deterministic wallets with mnemonic code will show the user a sequence of 12-24 words when first creating a wallet. That sequence of words is the wallet backup and can be used to recover and re-create all the keys in the same or any compatible wallet application. -The common standard for mnemonic codes is defined in Bitcoin Improvement Proposal 39 (see <>), currently in Draft status. +Mnemonic codes are defined in Bitcoin Improvement Proposal 39 (see <>), currently in Draft status. Note that BIP0039 is a draft proposal and not a standard. Specifically, there is a different standard, with a different set of words used by the Electrum wallet and _predating_ BIP0039. BIP0039 is used by the Trezor wallet and a few other wallets but is incompatible with Electrum's implementation. 
-The standard defines the creation of a mnemonic code and seed as a follows: +BIP0039 defines the creation of a mnemonic code and seed as a follows: 1. Create a random sequence (entropy) of 128 to 256 bits 2. Create a checksum of the random sequence by taking the first few bits of its SHA256 hash diff --git a/ch05.asciidoc b/ch05.asciidoc index 9b42220c..e8d12bae 100644 --- a/ch05.asciidoc +++ b/ch05.asciidoc @@ -259,7 +259,7 @@ As we saw in the step-by-step example above, when this script is executed the re [TIP] ==== -Transactions are valid if the top result on the stack is TRUE (1), any other non-zero value or if the stack is empty after script execution. Transactions are invalid if the top value on the stack is FALSE (0) or if script execution is halted explicitly by an operator, such as OP_VERIFY, OP_RETURN or a conditional terminator such as OP_ENDIF. See <> for details. +Transactions are valid if the top result on the stack is TRUE (noted as +{0x01}+), any other non-zero value or if the stack is empty after script execution. Transactions are invalid if the top value on the stack is FALSE (a zero-length empty value, noted as +{}+) or if script execution is halted explicitly by an operator, such as OP_VERIFY, OP_RETURN or a conditional terminator such as OP_ENDIF. See <> for details. ==== ==== Turing Incompleteness
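Review bot: In the ch04.asciidoc hunk at -469, the modified line "BIP0039 defines the creation of a mnemonic code and seed as a follows" carries a typo: "as a follows" should be "as follows". In the same hunk, "currently in Draft status. Note that BIP0039 is a draft proposal and not a standard." says the same thing twice in consecutive sentences; keep one. The heading "Mnemonic Code Words (DRAFT:BIP0039)" is the only heading in the book using this DRAFT: prefix; if the draft status matters, the sentence in the body already conveys it, so consider leaving the heading as "(BIP0039)".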
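Review bot: In the ch05.asciidoc hunk at -259, the rewritten TIP still says transactions are valid "if the stack is empty after script execution", which is incorrect: Bitcoin Core's script verification fails when the final stack is empty, since it requires a top element and that element must be non-zero. Suggest dropping that clause, so the line reads "Transactions are valid if the top result on the stack is TRUE (noted as +{0x01}+) or any other non-zero value after script execution." The new +{0x01}+ / +{}+ notation for TRUE and FALSE is a good change; consider adding that OP_CHECKMULTISIG and OP_EQUAL push exactly these values, since this is the first place the notation appears.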