A bitcoin is defined by a sequence of digitally signed transactions that began with the bitcoin's creation as a block reward. The owner of a bitcoin transfers it by digitally signing it over to the next owner using a bitcoin transaction, much like endorsing a traditional bank check. A payee can examine each previous transaction to verify the chain of ownership. Unlike traditional check endorsements, bitcoin transactions are irreversible, which eliminates risk of chargeback fraud.
A bitcoin is a tradeable currency object. Transactions can also be denominated in fractions of a bitcoin, or in multiple bitcoins. Bitcoins are intended to be fungible, though each has a distinct history. Although it is possible to handle bitcoins individually, it would be unwieldy to require a separate transaction for every bitcoin in a transaction. Transactions are therefore allowed to contain multiple inputs and outputs, allowing bitcoins to be split and combined. Common transactions will have either a single input from a larger previous transaction or multiple inputs combining smaller amounts, and one or two outputs: one for the payment, and one returning the change, if any, to the sender. Any difference between the total input and output amounts of a transaction goes to miners as a transaction fee.
A transaction is data with a confirming digital signature. It is sent to the bitcoin network and combined with others to form blocks. It typically contains references to prior transactions and associates a certain number of bitcoins with one or several bitcoin addresses (public keys). It is not encrypted because the bitcoin system does not hold confidential/private data. A block chain browser combines transactions into a block and adds it to the chain. They can be found and verified. This is necessary to determine technical transaction parameters as well as verify payment details.
Transaction confirmation is needed to prevent double spending of the same money.
After a transaction is broadcast to the bitcoin network, it is included in a block that is itself published to the network. When that happens, the transaction has been mined at a "depth" of 1 block (in the block chain). With each subsequent block that is found, the depth increases by one. To be secure against double spending, a transaction is not considered confirmed until it is a certain number of blocks deep. This feature was introduced to protect the system from a bitcoin owner attempting to repeatedly spend the same bitcoin (double-spending). Inclusion of a transaction in a block happens through the process of mining.
The conventional bitcoin client shows a transaction as "unconfirmed" until it is 6 blocks deep. Sites or services can set their own limits on how many blocks must be found to confirm a transaction. The number six was chosen deliberately: it is based on a theory that the probability is low that wrongdoers could amass more than 10% of the network's hash rate for purposes of transaction falsification, and that an insignificant risk (lower than 0.1%) is acceptable. For offenders lacking massive computing power, 6 confirmations are an insurmountable obstacle. In turn, any party having more than 10% of the network's computing power would not find it difficult to achieve 6 confirmations in a row, hijacking the chain. This would require millions of dollars of investment. Bitcoins that are distributed by the network for finding a block can only be used after 100 confirmations, i.e. 100 discovered blocks. Conventional bitcoin clients display the coins earned for solving a block only after 120 confirmations.
Two consecutive SHA-256 hashes are used for transaction verification. RIPEMD-160 is used after a SHA-256 hash for bitcoin digital signatures or "addresses". A bitcoin address is the hash of an ECDSA public key, computed as follows:
Key hash = Version concatenated with RIPEMD-160 (SHA-256 (public key))
Checksum = 1st 4 bytes of SHA-256 (SHA-256 (Key hash))
Bitcoin address = Base58Encode (Key hash concatenated with Checksum)
A bitcoin address is an identifier (account number), starting with 1 or 3 and containing 27-34 alphanumeric Latin characters (except 0, O, I, l). An address can also be represented as a QR code, is anonymous, and does not contain information about the owner. It can be obtained for free, using, for example, bitcoin software.
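The checksum and Base58 steps above let software reject a mistyped or altered address before any payment is sent. The following is an added example, not code from the original page; it takes the 20-byte RIPEMD-160(SHA-256(public key)) value as input, uses a constructed sample hash, and assumes version bytes 0x00 and 0x05 for addresses starting with 1 and 3.

```python
import hashlib

# Base58 alphabet: digits and Latin letters without 0, O, I and l.
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(key_hash: bytes) -> bytes:
    """First 4 bytes of SHA-256(SHA-256(key hash))."""
    return hashlib.sha256(hashlib.sha256(key_hash).digest()).digest()[:4]

def encode_address(version: int, pubkey_hash: bytes) -> str:
    """Base58Encode(version || pubkey_hash || checksum)."""
    if len(pubkey_hash) != 20:
        raise ValueError("expected a 20-byte RIPEMD-160 digest")
    key_hash = bytes([version]) + pubkey_hash
    raw = key_hash + checksum(key_hash)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    # Each leading zero byte is written as a literal '1'.
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def decode_address(address: str) -> tuple:
    """Return (version, pubkey_hash); raise ValueError if malformed."""
    n = 0
    for ch in address:
        digit = B58.find(ch)
        if digit < 0:
            raise ValueError(f"character {ch!r} is not in the Base58 alphabet")
        n = n * 58 + digit
    zeros = len(address) - len(address.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        raise ValueError("decoded address is not 25 bytes long")
    key_hash, found = raw[:21], raw[21:]
    if checksum(key_hash) != found:
        raise ValueError("checksum mismatch (mistyped or altered address)")
    return key_hash[0], key_hash[1:]

# Constructed 20-byte value standing in for RIPEMD-160(SHA-256(public key)).
SAMPLE_HASH = bytes(range(1, 21))

if __name__ == "__main__":
    addr = encode_address(0x00, SAMPLE_HASH)
    print(addr, decode_address(addr))
```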
The ability to transact bitcoins without the assistance of a central registry is facilitated in part by the availability of a virtually unlimited supply of unique addresses that can be generated and disposed of as needed. The balance of funds at a particular bitcoin address can be ascertained by looking up the transactions to and from that address in the block chain. All valid transfers of bitcoins from an address are digitally signed using the private keys associated with it.
Software that directly connects to the peer-to-peer bitcoin network includes bitcoind and Bitcoin-Qt, the bitcoind GUI counterpart available for Linux, Windows and Mac OS X. Less resource-intensive wallets have been developed, including mobile apps for iOS and Android devices that display and scan QR codes. These services could be built into a stand-alone hardware device.
Many bitcoin websites provide addresses associated with an online account to hold bitcoin funds on the user's behalf, similar in some ways to bank accounts. Other sites function primarily as real-time markets, facilitating the sale and purchase of bitcoins with other currencies such as US dollars or euros. Users of this kind of wallet are not obliged to download the entire block chain, and can manage their wallet with any device. Some wallets offer additional services. Wallet privacy is provided by the website operator. This "online" option often serves as the introduction to bitcoin for new users and for short-term storage of small sums, such as day-to-day spending. Website wallets are not recommended for storing large amounts of bitcoin because security cannot be absolutely guaranteed online.
Bitcoin address keys may be printed on paper and used to store bitcoins offline. Compared with "hot wallets"—those that are connected to the Internet—these non-digital offline paper wallets are considered a "cold storage" mechanism better suited for safekeeping bitcoins. A paper wallet is safe to use only if the owner prints the paper themselves. Bitcoins from a "cold storage" record obtained from a second party as a gift or payment should be immediately transferred to a safer account because the private key could have been copied.
Vendors offer banknotes, coins, cards and other physical objects denominated in bitcoins. The bitcoin balance is bound to the private key printed on the banknote or embedded within the coin. Some of these instruments employ a tamper-evident seal that hides the private key.
Such an instrument is generally insecure because the producer of a banknote or a coin cannot guarantee that no copies of the private key exist.
To ensure safety, the following measures are recommended:
1) Wallet backup with printing or storing on flash drive without connection to Internet
2) Encryption of the wallet
3) Using a highly-rated service
A private key in the context of bitcoin is a secret number that allows bitcoins to be spent. Every bitcoin address has a matching private key, which is usually saved in the wallet file of the person who owns the account and can be stored using other means and methods. The private key is mathematically related to the bitcoin address, and is designed so that the bitcoin address can be calculated from the private key but, importantly, the private key cannot be derived from the bitcoin address.