How exactly to categorize a bitcoin is a matter of controversy. Is it a type of currency, a store of value, a payment network, or an asset class?
Fortunately, it's easier to define what bitcoin actually is. It's software. Don't be fooled by stock images of shiny coins emblazoned with modified Thai baht symbols. Bitcoin is a purely digital phenomenon, a set of protocols and processes.
It also is the most successful of hundreds of attempts to create virtual money through the use of cryptography, the science of making and breaking codes. But the competition is heating up.
Bitcoin is a network that runs on a protocol known as the blockchain. A 2008 paper by a person or people calling themselves Satoshi Nakamoto first described both the blockchain and bitcoin and for a while the two terms were all but synonymous.
The blockchain has since evolved into a separate concept, and thousands of blockchains have been created using similar cryptographic techniques. This history can make the nomenclature confusing. Blockchain sometimes refers to the original, bitcoin blockchain. At other times it refers to blockchain technology in general, or to any other specific blockchain, such as the one that powers Ethereum.
The basics of blockchain technology are mercifully straightforward. Any given blockchain consists of a single chain of discrete blocks of information, arranged chronologically. In principle this information can be any string of 1s and 0s, meaning it could include emails, contracts, land titles, marriage certificates, or bond trades. This versatility has caught the eye of governments and private corporations.
In bitcoin's case, though, the information is mostly transactions.
Bitcoin is really just a list. Person A sent X bitcoin to person B, who sent Y bitcoin to person C, etc. By tallying these transactions up, everyone knows where individual users stand.
Another name for a blockchain is a "distributed ledger," which emphasizes the key difference between this technology and a well-kept Word document. Bitcoin's blockchain is public. Anyone can download it in its entirety or go to any number of sites that parse it.
You can see, for example, that 15N3yGu3UFHeyUNdzQ5sS3aRFRzu5Ae7EZ sent 0.01718427 bitcoin to 1JHG2qjdk5Khiq7X5xQrr1wfigepJEK3t on August 14, 2017, between 11:10 and 11:20 a.m. The long strings of numbers and letters are addresses, and if you were in law enforcement or just very well-informed, you could probably figure out who controlled them. Bitcoin's network is not totally anonymous, in other words, although taking certain precautions can make it very hard to link individuals to transactions.
How to Buy Bitcoin
Despite being absolutely public, or rather because of that fact, bitcoin is extremely difficult to tamper with. A bitcoin has no physical presence, so you can't protect it by locking it in a safe or burying it in the Canadian wilderness.
In theory, all a thief would need to do to take it from you would be to add a line to the ledger that translates to "you paid me everything you have."
A related worry is double spending. If a bad actor could spend some bitcoin, then spend it again, confidence in the currency's value would quickly evaporate.
To prevent either from happening, you need trust. In this case, the accustomed solution would be to transact through a central, neutral arbiter. A bank. Bitcoin has made that unnecessary, however. (It is probably not a coincidence Satoshi's original description was published in October 2008, when trust in banks was at a multigenerational low.) Rather than having a reliable authority keep the ledger and preside over the network, the bitcoin network is decentralized. Everyone keeps an eye on everyone else.
No one needs to know or trust anyone. Assuming everything is working as intended, the cryptographic protocols ensure that each block of transactions is bolted onto the last in a long, immutable chain.
The process that maintains this trustless public ledger is known as mining. Undergirding the network of bitcoin users who trade the cryptocurrency among themselves is a network of miners, who record these transactions on the blockchain.
Recording a string of transactions is trivial for a modern computer, but mining is difficult because bitcoin's software makes the process artificially time-consuming. Without the added difficulty, people could spoof transactions to enrich themselves or bankrupt other people. They could log it in the blockchain and pile so trivial transactions on top of it that untangling the fraud would become impossible.
By the same token, it would be easy to insert fraudulent transactions into past blocks. The network would become a sprawling, spammy mess of competing ledgers, and bitcoin would be worthless.
Combining "proof of work" with other cryptographic techniques was Satoshi's breakthrough. Bitcoin's software adjusts the difficulty miners face in order to limit the network to one new 1-megabyte block of transactions every 10 minutes. That way the volume of transactions is digestible. The network has time to vet the new block and the ledger that precedes it, and everyone can reach a consensus about the status quo. In there is a "fork" – that is, the chain splits into divergent versions – the longest chain is considered the most valid since the most work has gone into it.
Here is a slightly more technical description of how mining works. The network of miners, who are scattered across the globe and not bound to each other by personal or professional ties, receives the latest batch of transaction data. They run the data through a cryptographic algorithm that generates a "hash," a string of numbers and letters that verifies the information's validity but does not reveal the information itself. (In reality, this ideal vision of decentralized mining is no longer accurate, with industrial-scale mining farms and powerful mining pools forming an oligopoly. More on that below.)
Given the hash 000000000000000000c2c4d562265f272bd55d64f1a7c22ffeb66e15e826ca30, you cannot know what transactions the relevant block (#480504) contains. You can, however, take a bunch of data purporting to be block #480504 and make sure that it has not been tampered with. If one number were out of place, no matter how insignificant, the data would generate a totally different hash. If you run the declaration of independence through a hash calculator, you get 839f561caa4b466c84e2b4809afe116c76a465ce5da68c3370f5c36bd3f67350. Delete the period after "submitted to a candid world," and you get 800790e4fd445ca4c5e3092f9884cdcd4cf536f735ca958b93f60f82f23f97c4. Which is more than a little different.
This technology allows the bitcoin network to instantly check the validity of a block. It would be incredibly time-consuming to comb through the entire ledger to make sure that the person mining the most recent batch of transactions hasn't tried anything funny. Instead, the previous block's hash appears within the new block. If the most minute detail had been altered in the previous block, that hash would change. Even if the alteration was 20,000 blocks back in the chain, that block's hash would set off a cascade of new hashes and tip off the network.
Generating a hash is not really work, though. The process is so quick and easy that bad actors could still spam the network and perhaps, given enough computing power, pass off fraudulent transactions a few blocks back in the chain. So the bitcoin protocol requires proof of work.
It does so by throwing miners a curveball: Their hash must be below a certain target. That's why block #480504's hash starts with a long string of zeroes. It's tiny. Since every string of data will generate one and only one hash, the quest for a sufficiently small one involves adding nonces ("numbers used once") to the end of the data. So a miner will run [thedata]. The hash is too big, try again. [thedata]1. Too big. [thedata]2. Finally, [thedata]93452 yields a hash beginning with the requisite number of zeroes.
The mined block will be broadcast to the network to receive confirmations, which take another hour or so, though occasionally much longer, to process. (Again, this description is simplified. Blocks are not hashed in their entirety, but broken up into more efficient structures called Merkle trees.)
Depending on the kind of traffic the network is receiving, bitcoin's protocol will require a longer or shorter string of zeroes, adjusting the difficulty to hit a rate of one new block every 10 minutes. The current difficulty is around 2.603 trillion, up from 1 in 2009.
Mining is intensive, requiring big, expensive rigs and a lot of electricity to power them. And it's competitive. There's no telling what nonce will work, so the goal is to plow through them as quickly as possible.
Miners have begun to form pools, divvying the rewards up among themselves. And the rewards are juicy. Every time a new block is mined, the successful miner receives a bunch of newly created bitcoin. At first, it was 50, but then it halved to 25, and now it is 12.5 (about $64,000 in April 2019).
The reward will continue to halve every 210,000 blocks, about every four years until it hits zero. At that point, all 21 million bitcoins will have been mined, and miners will depend solely on fees to maintain the network.
The fact that miners have begun to organize themselves into pools worries some. If a pool exceeds 50% of the network's mining power, its members could potentially spend coins, reverse the transactions, and spend them again. They could also block others' transactions.
That could spell the end of bitcoin, but even a so-called 51% attack would probably not enable the bad actors to reverse old transactions, because the proof of work requirement makes that process so labor intensive. To go back and alter the blockchain, a pool would need to control such a large majority of the network that it would probably be pointless. When you control the whole currency, who is there to trade with?
A 51% attack is a financially suicidal proposition, from miners' perspective. When Ghash.io, a mining pool, reached half of the network's computing power in 2014, it voluntarily broke itself up in order to maintain confidence in bitcoin's value. Other actors, such as governments, might find the idea of such an attack interesting, though.
Another source of concern related to miners is the practical tendency to concentrate in parts of the world where electricity is cheap, such as China or, following a Chinese crackdown in early 2018, Quebec.
Keys and Wallets
Bitcoin ownership boils down to two numbers, a public key and a private key. A rough analogy is a username (public key) and a password (private key). A hash of the public key called an address is the one displayed on the blockchain. Using the hash provides an extra layer of security.
To receive bitcoin, it's enough for the sender to know your address. The public key is derived from the private key, which you need to send bitcoin to another address. The system makes it easy to receive money but requires verification of identity to send it.
To access bitcoin, you use a wallet, which is a set of keys. These can take different forms, from third-party web applications offering insurance and debit cards, to QR codes printed on pieces of paper. The most important distinction is between "hot" wallets, which are connected to the internet and therefore vulnerable to hacking, and "cold" wallets, which are not connected to the internet.