This article is part of a GIST series on Bitcoin. In part 1, we described the mathematics that underpins digital currencies like Bitcoin, as well as the security of the web itself. In part 2, we went into more detail as to how Bitcoin itself works. In this part, we will discuss further solutions to the potential problems that Bitcoin can face, and then go into how Bitcoin attempts to keep the production of new Bitcoins relatively stable even in the event of large changes in computational power on the network.

Right now, we know that Bitcoin tries to prevent double spending by making the network verify that users own currency they attempt to spend. By incentivising the network to perform this verification—by rewarding them with bitcoins through the process of mining blocks—individuals can make transactions safe in the knowledge that they will be receiving payment. There remains, however, a more abstract problem that sneaky individuals can take advantage of and it is related to the way in which the network verifies transactions.

Handling ambiguous blocks

Normally, when one user mines a block they publish the result immediately and within minutes everyone else in the network knows that the block has been solved and so stops working on the proof. With blocks only taking around 10 minutes to mine (this is quite well defined – we’ll discuss this later in the article), however, it is conceivable that two users might compute different, valid proofs of work at the same time, without knowledge that the other has already published a solution. This is a case of ‘forked’ blocks, where the blockchain is split into two paths.

Pick the longer blockchain

In this instance, the Bitcoin protocol specifies that users taking part in mining should always, when starting to work on a proof after two ambiguous blocks have been published, point their new block towards the path of the blockchain that appears to them to be longer. This means that as soon as a miner publishes a block pointing to either of two forked blocks, the rest of the miners will disregard the shorter of the two forked blocks and focus on the longer one.

Eventually, even with the presence of forked blocks, the Bitcoin community will agree that only one of the two block chains is valid. This helps to defeat one of the last remaining possibilities that a nefarious buyer will try to use the same coins for two separate transactions at the same time, intentionally creating two different paths in the blockchain. In the end only one of the two transactions will get confirmed.

Controlling a high proportion of the computational power in the network

Validation techniques help to prevent most forms of fraud with Bitcoin transactions. There is still, however, a very small chance that the buyer, with sufficient computing power, could fool the system and double spend the coins, but the mechanism requires a lot of luck and resources. For a block to be accepted, the Bitcoin protocol requires that the transaction be confirmed by 5 proofs of work, which means that the transaction is followed by five newer blocks. If the buyer were to send the bitcoins to the seller, while simultaneously sending the same bitcoins to another account owned by the buyer, then there exists one more possibility of successfully double spending the coins (see Figure 7). Essentially, the evil buyer would make a normal transaction with a seller, then wait until the transaction is confirmed by five blocks. Then, the buyer could maliciously fork the blockchain before they sent the coins to the seller, and instead send the coins to themselves. The buyer would have to possess enough computing power to mine six blocks joined to the forked chain before anyone else in the network is able to mine one, thus producing a longer chain and so having the network accept the new transaction alongside the old one. However, the chances of this being possible are very low. If the buyer controlled 50% of the total computing power in the whole Bitcoin network, they would have about a 1.5% chance of mining five blocks themselves quicker than the other 50% could mine one, which would allow them to confirm two of their own transactions with the same coins—double spending—and produce a block chain that was longer than the other forked block chain. With 1% of the total computing power, the chance would drop to around 1 in 1 trillion. With millions of users worldwide contributing to a huge level of combined power, albeit technically possible, double spending is extremely unlikely to happen. You also have to ask whether it would be worth using such a level of computational power to steal back your spent coins, instead of simply mining new ones.

// Image Credit: Sean Leavey
Figure 7: A malicious buyer taking advantage of a forked block. The buyer sends Seller A some coins and waits until the transaction is placed in a block and verified (by having five blocks follow it). Then the buyer goes back to the block before they sent the payment and sends the same currency to themselves. Meanwhile, the seller thinks the original transaction has been verified and so accepts the payment. However, if the buyer has enough computing power, they can quickly mine five blocks pointing to the new transaction where they’ve paid themselves, thus recovering the money they sent to the seller. Other miners following protocol would then start to attach their new blocks to the new, longer path in the blockchain. Bitcoin attempts to avoid this situation by making blocks very hard to mine, therefore anyone attempting this trick would require huge proportions of the network’s total processing power. The network also adjusts the difficulty to keep this trick from becoming feasible. (Note: not all of the additional blocks in each chain are shown for brevity.)

Self-regulation and stability of mining

Every two weeks, the difficulty of mining is adjusted by the Bitcoin protocol to reflect the rate at which new blocks are produced. This is achieved by varying the target number, below which proofs must be kept, in order to be accepted by everyone on the network; furthermore, the target is recalibrated every two weeks so that, on average, a new block will be mined every 10 minutes. The target number can be precisely adjusted to ensure this happens. This means that new users bringing additional computational power to the network will not have a huge impact on the speed at which new Bitcoins are mined, at least not for longer than two weeks. Additionally, if mining operations were to suddenly drop, such as in the event of a power failure across the United States or a fibre cable being cut in the Atlantic Ocean, then in the next two weeks the difficulty would drop so as to keep the production of Bitcoins steady. This feature exists in order to keep the supply of new coins flowing, in an attempt to keep the Bitcoin economy stable.

Another feature of the Bitcoin protocol is that the reward granted by the network for mining a block halves for every 210,000 blocks mined. With each of the 210,000 blocks taking on average 10 minutes to complete, that means that it takes roughly four years for the reward to halve. This has happened once as of the time of writing, with the initial reward of 50 Bitcoins having been reduced to 25. Eventually, the reward will be reduced to such a low level that it will then be lower than the lowest denomination of Bitcoin – one one-hundred-millionth of a Bitcoin (called a Satoshi, named after Bitcoin’s mysterious creator). This is predicted to occur in around the year 2140. At this point, it will no longer be possible to mine new Bitcoins, but only to trade existing ones. This is an interesting design that mimics the way mining of precious metals works. Instead, users will have to be rewarded for verifying transactions through proofs of work with rewards built into the transactions. This means that part of the buyer’s payment will contain a reward to users to verify the transaction (part of the protocol allows for a buyer to specify a reward to give to the user who verifies the transaction). Rewards in this fashion are currently low because the 25 Bitcoin reward for verification is worth a lot compared to the cost of the energy used to perform it, yet additional rewards from the buyer will have to increase over time, so as to continue to incentivise others to verify transactions.

A deflationary design flaw?

One of the main arguments made against Bitcoin is that it has been programmed to be “deflationary”. Some argue that, because Bitcoin rewards halve every 210,000 blocks, the predicted end to new coins around the year 2140 means that the currency is fundamentally flawed. Real world currencies are not fundamentally deflationary because there is always the possibility that the central bank could print more money. There is no such method in Bitcoin, though future revisions to the protocol might address this issue. Whether this ultimately becomes a major design flaw, no one can say for sure. What is clear is that, as we approach 2140, any lost coins, such as those present in forgotten or lost wallets, will deflate the currency.

Another issue is that, as block rewards decrease to negligible amounts in the time leading up to 2140, the rewards required to be paid by buyers will increase, which will make smaller transactions more costly. This issue is perhaps accentuated by the deflationary nature of post-2140 Bitcoin, and it is possible to imagine scenarios where eventually each transaction will have to be higher than the last in order to afford the rewards paid for verification. More thorough analysis will be required of this, but these potential problems are certainly far off.

Finally, the Bitcoin network currently limits the number of transactions to seven per second. This is an artificial limit that can be lifted in a future version, but it is currently in place to limit the size of the block chain, so that home users can keep a full copy of the transaction history on their own computer (currently around 15GB in size). It may eventually be necessary to run clients only on powerful servers with large hard drive capacity and network connections, in order to keep up with the global transactions. If Bitcoin hopes to become a popular method of payment, then it must handle more than seven transactions per second. In contrast, the global electronic payment platform VISA handles around 2,000 transactions per second ¹.

In the final part of this series, we will talk about the current state of Bitcoin: how people actually use and mine the currency.

Go to Part 4

1. VISA website