Todays newsletter starts with an excerpt of chapter 1 from Bitcoin: A Work in Progress, followed by some brief thoughts on the ultimate future of scaling.
Bitcoin addresses aren’t part of the Bitcoin blockchain; rather, they’re conventions used by Bitcoin (wallet) software to communicate where coins must be sent to: either a public key (P2PK), a public key hash (P2PKH), a script hash (P2SH), a witness public key hash (P2WPKH), or a witness script hash (P2WSH). Addresses also include some metadata about the address type itself.
Bitcoin addresses communicate these payment options using their own numeric systems, an chapter 1 of the book breaks down what these different systems mean.
When you send bitcoin to someone, you’re creating a transaction that has several inputs and at least one output. The output specifies who can spend it by putting a constraint on it — a fancier term for constraint is encumbrance.
The most trivial encumbrance is that anybody can spend the coin. That’s not a good idea, because it’ll be stolen very quickly. So in the early days, most coins on the blockchain were encumbered in one of two ways: Pay-to-Public-Key (P2PK) and Pay-to-Public-Key-Hash (P2PKH). The first can be read as “only the holder of the private key corresponding to the public key X may spend this coin,” and the second as “only the holder of the private key corresponding to a (secret) public key, which hashes to X, may spend this coin.”
Back then, it was possible to send bitcoin to people’s IP addresses, but this feature was dropped in 2012. When this was possible, you could connect to someone’s IP address and ask for a public key, and the person would give you their public key. Your wallet would then create a new coin encumbered with a P2PK script.
Today, this workflow might seem strange, but it matches the then-common pattern of peer-to-peer apps like Napster or Kazaa, where you’d connect directly to other people and download things from them. Nowadays, you probably don’t know the IP addresses of your friends, and they might even change all the time when they’re on mobile devices. Although you can instruct your Bitcoin node to specifically connect to a friend’s node, it typically just connects to random peers.
The more common way of doing transactions is similar to how bank transfers work. Someone provides you with an address and you send coins to it, just as you’d send money to a bank account number. This initially always used P2PKH, as we’ll explain below.
Instead of sending a transaction directly to the recipient, it makes its way through all the nodes on the network, eventually to be seen by a miner node, which includes it in a block. Your counterparty may see the transaction as their node receives it from one of its peers, or they’ll see it once they receive the block it’s in.
A third way of doing transactions is to mine bitcoin, which involves sending the block reward to yourself. In the beginning, Bitcoin had a piece of mining software built into the software, so if you downloaded the Bitcoin software, it would just start mining. It would then send coins to your own wallet, so there was no need to communicate an address. Those coins were encumbered with P2PK.
We'll continue this chapter next time. Can't wait? Also want to read the footnotes, just buy the book.
A Bitcoin, Explained podcast listener asked how, if fees rise in the future - in order to replace the inflation subsidy - everyone one the planet could afford to own a UTXO. In other words, how can we make sure everyone at least has the option to fall back to the basics. Wouldn't this be prohibitively expensive?
A healthy fee market is necessary to pay miners enough to keep the network secure from attack. However that doesn't have to mean each transaction is expensive. That's a separate problem: we can't make blocks big enough to give 8 billion people their own UTXO. This problem would exist even if the (inflation) block subsidy continued forever.
At the moment I haven't seen a technical solution that allows 8 billion to make on chain transactions. Lightning helps because it makes more efficient use of block space, but it's nowhere near enough. We'll need other break throughs. Or perhaps in 100 years Moore's Law will catch up and allow bigger blocks (big enough to allow everyone to use it, but still have enough fee revenue).
In the mean time there are some proposals that allows sharing UTXO's, such as Fedimint (federated ecash, ep. 52) and payment pools (ep 6). Side chains could be another solution, but that's not a solved problem (e.g. ep. 23 on Drivechains). And even it was solved, it still would be (slightly? a lot?) less secure than a "true" Bitcoin UTXO.