Bitcoin is the first and world’s strongest cryptocurrency on the market based on a decentralized accounting system. Payments are cryptographically legitimized (digital signature) and processed via a computer network of equal computers (peer-to-peer). Unlike in the classic banking system, a transaction with Bitcoin corresponds to the settlement between the parties involved. Proof of ownership of Bitcoin is stored in personal digital wallets (colloquially “wallet”). The price of a Bitcoin to the legal tender (fiat money) follows the principle of price formation on the stock exchange.
| Icon | BTC, ₿ (Unicode codepoint U+20BF since version 10.0.0) or XBT (ISO 4217) |
|---|---|
| Year of publication | 2009 |
| Founder | Satoshi Nakamoto (pseudonym) |
| Programming language | C++, C, Python |
| Start | 3 January 2009 |
| White paper | “Bitcoin: A Peer-to-Peer” “Electronic Cash System” |
| Circulating supply | 19,044,146 (as of 19 May 2022) |
| Maximum Supply | 21,000,000 or 20,999,999.97690000 |
| Blockchain | 412.35 GB (as of June 19, 2022) |
| Mining | SHA-256 |
| Code repository | https://github.com/bitcoin /bitcoin |
| Website | bitcoin.org |
Etymology
The composite is composed of “bit” as a unit of measurement for the amount of data of digital data and “coin”; i.e. “digital coin”.
Generalities about Bitcoin
The Bitcoin payment system was invented by a person or group under the pseudonym Satoshi Nakamoto in 2007, described in November 2008 in a publication – the so-called whitepaper – and published in January 2009 with an open-source reference software. The Bitcoin network is based on a decentralized database jointly managed by the participants, the blockchain, in which all transactions ever made are verifiably recorded. Cryptographic techniques are used to ensure that valid transactions with Bitcoins – without exception – can only be made by the respective owner and that the same monetary units cannot be spent multiple times.
Unlike the issuance of new banknotes by a central bank, new Bitcoin units are created by the computer-based solution of cryptographic tasks, the so-called mining, but the maximum amount is limited to 21 million Bitcoins. Much of it has already been created.
History and share price development
| Bitcoin highs | ||
|---|---|---|
| US Dollar / Bitcoin |
achieved for the first time | required days |
| 0,1 | Oct. 9, 2010 | – |
| 1.0 | Feb. 9, 2011 | 123 |
| 10.0 | Jun. 2, 2011 | 113 |
| 100.0 | Apr. 1, 2013 | 669 |
| 1,000.0 | Nov. 27, 2013 | 240 |
| 10,000.0 | Nov. 29, 2017 | 1.463 |
| 50,000.0 | Feb 16, 2021 | 1.175 |
| Bitcoin all-time high | ||
|---|---|---|
| Bitcoin | US dollar | Date |
| 1 | 68,744.03.0 | November 10, 2021 |
2008
The concept of Bitcoin was proposed in a 2008 white paper by Satoshi Nakamoto on a mailing list about cryptography. So far, it has not been known whether Satoshi Nakamoto is the name of a real person, a pseudonym or a collective pseudonym for a group of people. Bitcoin is the first successful attempt to establish digital money without a central control authority. Since the 90s, the cypherpunk movement has been trying to create a digital equivalent to cash using cryptographic methods.
After various centrally organized attempts – such as eCash by David Chaum – failed, a few cypherpunks in the late 90s thought about methods to create a digital transaction system that functions without a central authority. Hal Finney’s Reusable Proof of Work, Wei Dai’s B-money, and Nick Szabo’s bit gold were important precursors to Bitcoin, even if they never got beyond the state of a theoretical sketch.
With the Bitcoin whitepaper, Satoshi presented the first fully formulated method to create a purely decentralized transaction system for a digital cash. In a forum, he writes:
“The core problem with conventional currencies is the level of trust needed to make them work. The central bank must be trusted not to devalue the currency, but the history of fiat money is full of betrayals of that trust. Banks must be trusted to store our money and transfer it electronically, but they lend it in waves of credit bubbles with a small fraction of backing. We have to trust the banks with our privacy, trust that they don’t give identity thieves the opportunity to empty our accounts. Their massive additional costs make micropayments impossible.
A generation earlier, users of timeshare computer systems had a similar problem. Before the advent of strong encryption, users had to rely on password protection for their data and trust the system administrator to keep their information confidential. This privacy could be revoked at any time if the administrator determined that it weighed less than other concerns, or at the direction of his superiors. But then strong encryption became available to the mass of users, and trust was no longer necessary. Data could be secured in a way that made it impossible for third parties to access it for any reason, no matter how good excuses, no matter whatever.
It’s time we did the same with money. With an electronic currency that relies on cryptographic proof and doesn’t require trust in middlemen, money is safe and can be transferred effortlessly.”Satoshi Nakamoto
2009
The Bitcoin network was created on January 3, 2009, with the creation of the first 50 Bitcoin and the generation of “Block 0”, the so-called genesis block. In its only transaction, Coinbase, the following message was encoded:
The Times 03/Jan/2009 Chancellor on brink of second bailout for banks
“The Times 03 January 2009 British Chancellor of the Exchequer on the brink of a second bailout of banks.”
This quotes the headline of the front page of the British newspaper The Times on 3 January 2009 and alludes to the banking and financial crisis from 2007 onwards. A few days later, the first version of the Bitcoin reference software Bitcoin Core was published under the pseudonym “Satoshi Nakamoto”.
2010–2011
The initial exchange rate for Bitcoin was $0.07 and was calculated by New Liberty Standard based on the cost of mining production. According to this calculation, one dollar could have bought about 13.10 Bitcoins.
On February 24, 2010, Satoshi Nakamoto introduced the Bitcoin logo in its current form ₿ (previously “BC” was common).
Bitcoins initially had no quantifiable value in other currencies. In 2010, the first exchange rates were negotiated by people on Bitcointalk forums. The first exchange of goods for Bitcoin took place on May 22, 2010; 2 pizzas were traded for 10,000 Bitcoin. Until the end of 2011, the exchange rate from US dollars to bitcoins was mostly in the single digits, i.e. one bitcoin was obtained for less than 10 US dollars, apart from a sharp rise in the price in June 2011. The exchange rate was subject to strong fluctuations from the outset.
2012–2017
In the course of 2012, an upward trend began, which intensified at the beginning of 2013. This pushed the price to over $200 in April. After some setbacks, Bitcoin first crossed the $1000 mark on November 30, 2013, but fell after the bankruptcy of Bitcoin trading platform Mt.Gox fell below $250 by early 2015 before rising again in October 2015.
In 2015, the MAK – Museum of Applied Arts was the first museum to buy a work of art (van den Dorpel’s screensaver “Event listeners”) with Bitcoins.
At the beginning of 2016, Bitcoin was quoted at just under 450 US dollars and continued to rise until it closed the year 2016 at just under 1000 US dollars. The rapid price development accelerated before the launch of Bitcoin futures in mid-December 2017. On December 17, nearly $20,000 was reached. The year 2017 ended with a level of approximately 14,000 US dollars.
2018–2019
In 2018, it went down under fluctuations. At the end of November, the price fell below 4000 US dollars. In mid-December 2018, a low of about 3200 US dollars was marked. At the beginning of April 2019, a recovery began, the mark of 5000 US dollars was exceeded again. According to experts, Facebook’s plan for its own internet currency helped lift Bitcoin back above the $10,000 mark in June 2019. After reaching just under 13,000 US dollars at its peak, the price fell again. The year 2019 ended with a level of approximately $7,200.
2020
In 2020, the price initially rose, already in February the 10,000-dollar mark was exceeded again. The crash of the world stock markets in March as a result of the corona pandemic was followed by Bitcoin down to about 4,000 dollars. Like equities, it recovered and, accompanied by the usual fluctuations, rose again in July to $10,000, which was only briefly undercut in early September. From the beginning of October, it went steeply upwards. At the end of November, the all-time high of 2017 was narrowly exceeded and in mid-December, the price rose above 20,000 US dollars for the first time. On December 26, 2020, Bitcoin surpassed the $25,000 mark.
2021
On January 2, 2021, Bitcoin surpassed the $30,000 mark. Only a few days later, the $40,000 was briefly exceeded. After an investment by Tesla, Inc. over $1.5 billion in Bitcoin became known in February 2021, the price shot up to new highs. After reaching almost $65,000 in mid-April, Bitcoin lost about half of its value again and was trading at about the same level as at the beginning of the year in mid-2021. Subsequently, a renewed rally started, which led the price to a new all-time high of 68,744.03 US dollars on November 10, 2021. By the end of the year, however, the price fell back to below 50,000 US dollars.
On June 8, 2021, the Parliament of El Salvador, with the votes of President Nayib Bukele’s ruling Nuevas Ideas party, passed a law to introduce the cryptocurrency Bitcoin as an additional official national currency. Within a period of only 90 days, the central bank and the financial market supervisory authority implemented the changeover. Less than three weeks after the introduction of Bitcoin as the national currency on September 7, 2021, 2.1 million Salvador residents, almost a third of the population, were already actively using the government-owned so-called Chivo Wallet.
The country of El Salvador also wants to start mining bitcoins itself as soon as possible. For this purpose, clean and renewable energy from geothermal energy from volcanoes in the country is to be used. At the beginning of September 2022, Bitcoin no longer played a role as a means of payment, because only the starting balance of 30 dollars was used for payment and mining had not yet been carried out.
On October 19, 2021, the first SEC-approved U.S. Bitcoin ETF was launched. It is a synthetic ETF, which means that the fund manager does not buy Bitcoin, but only futures contracts (futures) are based. Thus, no direct impact on the Bitcoin price by investing in this Bitcoin ETF is possible. The ETF price may differ from the actual Bitcoin price. The SEC has yet to decide on 20 other Bitcoin ETFs that have been applied for. Such ETFs would actually be based on purchased Bitcoins, so they would also directly influence the Bitcoin price.
2022
At the beginning of 2022, the downward trend from the end of the previous year continued. By the end of January, Bitcoin had lost about half of its value, relative to the all-time high in November 2021.
In February, the U.S. seized more than $3.6 billion worth of bitcoins stemming from a cyber attack on the cryptocurrency exchange Bitfinex in 2016.
On April 27, 2022, the Central African Republic became the second country in the world to also introduce Bitcoin as legal tender alongside the CFA franc.
The Bitcoin price continued to fall in the first half of the year. In June 2022, a low was marked at 17,700 US dollars.
Functioning
Bitcoin can be regarded as a payment system as well as a monetary unit, which is managed or created decentrally in a computer network with the help of its own software. The system is based on a decentralized database jointly managed by the participants, in which all transactions are recorded on a blockchain. The only condition for participation is a Bitcoin client or the use of an online service provider that provides this feature. As a result, the Bitcoin system is not subject to any geographical restriction – other than the availability of an Internet connection – and can be used across borders.
Payment system Bitcoin
The Bitcoin payment system consists of a database, the blockchain, a kind of journal in which all Bitcoin transactions are recorded. The Bitcoin payment system uses a peer-to-peer network to which all participating computers connect using a program. This Bitcoin network records all Bitcoin transactions. The blockchain is stored redundantly and decentrally on all Bitcoin nodes, managed and continuously updated via the Bitcoin network.
In order to use the Bitcoin system for payments, a digital wallet and an Internet connection are required. Bitcoin wallets exist as desktop applications such as Bitcoin Core and Electrum, as well as web applications. In addition, it is also possible to use hardware wallets, separate devices that are connected to a computer via USB, for example, and which offer increased security in many scenarios. There are also online services that offer to manage users’ digital wallets.
The personal wallet contains cryptographic keys to authorize payments. While in the early days of Bitcoin, users managed their keys directly (e.g. as a list in a file or on paper), deterministic wallets have prevailed today due to the susceptibility to errors of this method, in which the user only has to remember a secret phrase (“seed”), from which any number of private keys can be derived deterministically via an algorithm. The digital wallet must be protected against loss, spying and malware.
Payments are made to pseudonymous addresses, hash values of public keys generated by the wallet software based on the secret keys it manages. Bitcoin does not allow the identification of trading partners. However, the system does not guarantee complete anonymity either, since the chain of all transactions is publicly recorded in the transaction history and a link between Bitcoin addresses and identifying information is possible in principle.
As with payments with commodity money, a Bitcoin transaction cannot be revoked after it has been confirmed by the network. The first confirmation of payment takes on average just under ten minutes, can take several hours in individual cases or if only very low fees are paid. As time passes, further confirmations in the form of found blocks are added, which increase the binding nature of the payment. A fee may be paid to make a payment, with payments with higher fees being confirmed preferentially.
The virtual monetary unit Bitcoin
Bitcoin’s virtual monetary and account unit is created, stored and managed decentrally in a computer network. Bitcoins can be split into smaller units to allow for smaller transactions. The Satoshi is the smallest unit of the cryptocurrency Bitcoin. It is named after Satoshi Nakamoto, the creator of the protocol. 100 million satoshis correspond to one Bitcoin.
Put simply, Bitcoins are exchanged electronically between participants. Their possession is proven by the possession of cryptographic keys. Each transaction of monetary units is digitally signed and recorded in a public database operated by the entire network, the blockchain.
The Bitcoin monetary units can currently also be exchanged for other means of payment and currencies on special – mostly unregulated – online exchanges, similar to the foreign exchange market.
New units of crypto money are gradually created through so-called mining. Bitcoin participants can participate in the generation by spending computing power. All participants compete for an amount that is distributed to one of the participants approximately every ten minutes and for the purchase of transaction fees. The result of the complex calculation serves to confirm third-party payments and secures the operation of the Bitcoin network. The maximum money supply is set by the network protocol at just under 21 million (20,999,999.97690000) units and cannot be influenced by individual participants.
Properties of Bitcoin
Anti-counterfeiting
Counterfeiting of units or transactions is not possible by the asymmetric cryptographic method used, which generates and verifies digital signatures, with the means currently available (2017). The double spending of the same Bitcoins is prevented by means of the blockchain. On average, an attacker would have to spend more computing time than all honest Bitcoin participants combined to create an alternative blockchain with a modified transaction history. However, this only applies to transactions that have already been confirmed.
Cost and speed of execution
Payments can be settled between the parties without the involvement of financial institutions. In order for a transaction to be confirmed, the creator specifies a fee, which he usually makes dependent on the load on the network. At a time of high utilization (as of December 2017), this was about € 19.50 (at a Bitcoin price of € 13,000 and 1.5 mBTC per 266-byte transaction). In the past, this transaction fee was much lower and fell significantly again in 2018.
If a higher fee is selected, this can speed up the confirmation process by giving higher priority in the calculation, while the omission of the fee – which is still technically possible – extends the confirmation period or makes the execution of the transaction uncertain. The fee is paid to the participant (miner) who creates a new block with this transaction. This prevents the network from being deliberately overloaded by a large number of small transactions. In the long term, these charges are planned as a reward for maintaining the network by providing computing power.
The confirmation of payment takes as long as the creation of a new block, i.e. an average of 10 minutes. There is no immediate consensus in the system on a single confirmation. Each additional confirmation, which again takes about 10 minutes, increases the probability that the payment will be permanently preserved. After six consecutive confirmations, a payment shall be deemed to have been sufficiently confirmed.
Decentralization
The system is completely decentralized due to the peer-to-peer structure, similar to systems like BitTorrent. Influencing the money supply would require that the majority of mining computing power be done with modified software, otherwise, a fork of protocol and payment unit that is not generally accepted would arise.
Scarcity
The maximum possible number of all Bitcoins is 21 million. Since “lost” Bitcoins are not replaced, the actual number of Bitcoins in circulation remains well below this value, even if all Bitcoins are mined in the future. Bitcoins, therefore, have the property of scarcity. Also, by halving the block reward for calculating a new block after every 210,000 blocks, the supply of new bitcoins decreases (see section Mining), which (with further increasing demand) causes an additional shortage of supply.
To determine the scarcity of a good, the stock-to-flow ratio can be used. The circulating quantity of the commodity (the “stock”) is divided by the annual production rate (the “flow”). The quotient indicates the number of years it takes at the current production rate to produce the quantity of the respective good in circulation.
In 2019, Bitcoin had a stock-to-flow value of 56 (for comparison, the value for gold was 62).
Notation, symbols and presentation
Based on the three-letter codes of ISO 4217, BTC is the abbreviation for the currency unit. Some websites use the symbol of the Thai Baht ฿ (U+0E3F), which represents a B with a vertical bar, also using the notation with two strokes. The fragments of a Bitcoin, i.e. the smallest subdivision of 1/100,000,000 that can be represented in the current protocol, were named “Satoshi” in honor of the inventor.
Irreversibility of transactions
Payments confirmed on the blockchain with Bitcoin cannot be reversed. This is an advantage for the seller in online trading, as chargebacks of payments are not possible for fraudulent purchases.
Incorrectly transferred money cannot be returned by a central authority.
In the Bitcoin system, the recipient is anonymous. He cannot be contacted. If a payment is made in error, one is dependent on the recipient revealing his identity outside the Bitcoin system or generally showing goodwill and transferring the unexpected deposit back to his account. The evaluation of a checksum serves to prevent the input of accidentally incorrect addresses.
Distribution of credits
One problem with the introduction of Bitcoin as a currency was the initial distribution of monetary units. Modern state and private currencies are – in contrast to Bitcoin – covered by a payment promise from the issuing authority. Since Bitcoin was initially not trusted as a new means of payment and the redemption is not guaranteed by any body, Bitcoins were initially practically worthless. Also, usability was initially not given due to the lack of supply of goods against payment in Bitcoins.
In the case of Bitcoin, new units are distributed according to a principle that rewards the support of the network by providing computing power (see section Mining). Another feature of the system is that fewer and fewer monetary units are generated over time. As a result, participants were able to generate monetary units much faster and with less effort in the initial phase of the system. As time goes on and the number of participants or computing power increases, it becomes more difficult for the individual participant to generate Bitcoins.
A high six-figure number of bitcoins (estimates range from 600,000 to 1,000,000) were created in the early days by Bitcoin inventor Satoshi Nakamoto, but have not been used since his withdrawal from the Bitcoin project. Cameron and Tyler Winklevoss stated in April 2013 that they had acquired 1% of the then existing bitcoins (about 100,000).
The investment company Grayscale Bitcoin Trust manages the largest publicly known amount with ₿ 654,885. MicroStrategy Inc. is invested with ₿ 91,579.
In March 2019, almost 16% of all bitcoins were held by 100 addresses or about 41% of all bitcoins by 1900 addresses. However, this statistic is not very meaningful for the distribution of credits, since on the one hand individual addresses can represent the balances of numerous individuals (cold storage of file-sharing networks), on the other hand, the credit balance of individual entities can be distributed over several addresses.
In order to analyze certain behavior patterns of the addresses in more detail, the concept of UTXO (see section Transactions) can be used. The so-called UTXO Age Distribution Chart is a stacked area diagram in which all available Bitcoins are displayed in different age groups (layers) and describe their change or movement behavior depending on time. This makes it possible to clearly determine at any time how many Bitcoins have not been transferred for how long. In May 2020, 63% (approx. 11,577,261) of all bitcoins in circulation (approx. 18,376,700) had not been moved for over a year. Although this does not give any further conclusions about the actual distribution of the assets, it shows the economic behavior of investors. This shows what percentage of Bitcoin is held or moved by the respective owners.
Anonymity versus pseudonymity
Bitcoin addresses such as bc1qj5swkkkk50ymyeqx2em906jfft86ptd4xs8wwf are public key hash values that can be understood as pseudonyms. As such, they cannot be directly linked to the real identities of payers and payees. Bitcoin transactions are therefore not more precisely traceable without further information and ensure partial anonymity. In addition to pseudonymity, another prerequisite for complete anonymity is the lack of traceability (unlinkability). This means that the transactions of a particular user or his interactions with the system cannot be linked to each other. If, for example, a Bitcoin address is often reused, or payment transactions from unknown addresses are carried out together with already known addresses, there are starting points for traceability. A deanonymization of the processes on the Bitcoin blockchain is then partly possible.
Bitcoin builds on the established infrastructure for ensuring anonymity on the Internet and protects privacy more comprehensively than conventional payment methods. However, the anonymity granted by Bitcoin is limited and does not by itself provide reliable protection against professional investigations. In order to settle transactions, one of the business partners usually has to give up his anonymity, at least partially. All transactions between two addresses are publicly logged and stored persistently throughout the network. Subsequent recipients of partial amounts can, for example, name the last owner to authorities, which can then track the chain of transactions.
Therefore, Bitcoin does not necessarily prevent the detection of illegal transactions. In particular, investigative authorities may obtain and link access to internet connection data, postal items, virtual fingerprints (browser profiles) and contact details of former or subsequent participants in a transaction chain. If a connection to a person is established at one point, for example through an intercepted shipment of goods or a service provided, all transactions can be traced to the assigned address. The possibilities of tracking transactions are therefore much more extensive than with cash. Operators of exchanges that allow the exchange of Bitcoin into other currencies are also usually subject to anti-money laundering regulations. Exchange operators are not necessarily required to release funds that may have been acquired illegally.
Experimental payment flow analyses in the Bitcoin system showed how the origins of transaction chains can be assigned to relevant known address pools. This was shown with payments to Wikileaks. On the other hand, even if large amounts were involved, it has not been possible to use public data to identify with certainty persons who illegally obtained funds by spying on the assigned keys. However, one tries to complicate such an analysis by anonymizing the processing of Bitcoin transactions via the Tor network. It attempts are made to turn “dirty” Bitcoins into untraceable Bitcoins with so-called Bitcoin mixers or tumblers (to tumble: to stir up), which resemble a black box.
Security considerations
Security against data loss and spying on data
While almost all transactions are publicly stored on the blockchain, ownership of bitcoins is evidenced by private keys that are only accessible to the owner. If the keys are lost, the associated bitcoins are lost for the owner as well as the entire network. The money supply, limited to 21 million Bitcoins, is reduced by such amounts, but these remain valid indefinitely in the event of key recovery.
By spying on the keys, an attacker also gains access to the balance. It is not excluded that such colloquially referred to as “stolen” Bitcoins can be assigned in later transactions, but these are considered fungible (analogous to money) and an identification of the “thieves” is similar to cash only possible in exceptional cases.
Backup in daily use
Current software allows the encryption of the electronic wallet. This protects against theft of the computer used, but not necessarily against compromise by malware and keyloggers. In the case of theft of a computer used, the thief cannot do anything with cryptocurrencies if he does not know the password or the seed phrase.
Another backup strategy is to use a so-called cold wallet for storage. In order to receive a credit, access to the cold wallet is not required, but for outgoing transactions it is.
Storage on non-electronic media
The private keys for the credit do not necessarily have to be stored on an electronic medium. They can also be transferred to an address whose private key is stored exclusively in physical form, e.g. by writing it down on a piece of paper (also called a paper wallet ). This key can be imported at any time by a bitcoin software to spend the bitcoins.
In addition to paper wallets, coins and records were also produced, which contain a key with a certain amount of Bitcoins and can be exchanged as practically as cash. Conversely, however, they also carry the same risks as cash, such as destruction or loss.
The Integrity of Bitcoin Software
Verification of the integrity of the software is made possible by the fact that it is available as open-source software in source code. The authenticity of downloaded binary releases is verified using digital signatures common in the FLOSS community and comparison of cryptographic hash functions.
Some wallets offer deterministic builds.
Signatures for business use
In the Bitcoin system, each participant can create an unlimited number of Bitcoin accounts without being independently audited or monitored in any way. In connection with the technical property of the irreversibility of transactions, fraud scenarios or manipulations are conceivable, depending on the framework conditions, such as the exchange of the Bitcoin address in electronically sent invoices through man-in-the-middle attacks, invoice forgery or fraudulent agreement to receive payment. This vulnerability is inherent in principle: Since Bitcoin does not rely on institutions such as banks or courts to which trust is delegated, trust between business partners must also be established individually.
In the case of more extensive transactions with trading partners still unknown, it may be safer if the recipient address can be verifiably traced. For person-to-person financial transactions, Bitcoin OTC was established early on, a web of trust based on GnuPG, the use of which, however, is technically relatively demanding.
Newer Bitcoin clients offer a function that allows text messages to be signed by the sender using strong asymmetric encryption using a publicly known address belonging to him. Conversely, the recipient can check the affiliation to this address in the Bitcoin software. The integrity of the public address, in turn, can be proven, for example, by using GnuPG’s decentralized Web of Trust or a hierarchical public key infrastructure and (for websites) SSL certificates.
Scalability
The existing Bitcoin network is only scalable to a limited extent on the technical level. Limiting factors for the individual participant are the bandwidth for receiving and forwarding transactions and blocks, the CPU power for verifying incoming transactions and blocks, and the storage capacity for storing the blocks. If one of the factors exceeds the capacity of an individual participant, the latter can no longer participate in the system.
The inventor and original main developer of Bitcoin, Satoshi Nakamoto, described in the whitepaper simplified Bitcoin clients (light wallets) that do not perform a full check of the block contents, but only need to download and test 80 bytes per block (block header). Payments can thus be checked via a compact proof without knowing the entire block content (Simplified Payment Verification). With such a design, it would be possible to process a high number of transactions over a small network of high-performance Bitcoin nodes.
An important limiting factor is the capacity of the blockchain itself. Satoshi Nakamoto built a block size limit of 1 MB into the reference implementation in 2010 on the advice of Hal Finney. It limits the maximum number of transactions to approximately 7 transactions per second. The limit was built in to prevent possible attacks on the network with excessively large blocks.
At the time, Bitcoin was hardly widespread, so the number of transactions was far below the limit. As Bitcoin’s popularity grew, so did the number of transactions, so there were more and more periods when blocks were full and a backlog of unconfirmed transactions arose. The backlog of unconfirmed transactions is indicated by the size of the mempool. If the capacity of the entire system is exceeded, the time taken to confirm a transaction increases. Participants must increase transaction fees in order for their payments to be processed preferentially.
Against this background, there was a sharp debate in the Bitcoin community about the right approach to better scaling, which resulted in a hard fork and only flattened out in 2017.
On one side of the debate, the development team of the reference implementation Bitcoin Core has rejected a significant increase in the block size limit. Instead, the soft fork SegWit (Segregated Witness) was supported, which, in addition to an indirect, moderate increase in block size, above all lays the foundation for “off-chain” solutions that aim for better scaling by reducing the number of transactions that need to be stored on the blockchain. The best-known of these off-chain solutions, also known as “Layer 2” technology, based on the OSI model, is the Lightning Network, a network of payment channels between participants based on Bitcoin, through which payments can be processed and in which only in some situations transactions occur that must be stored on the Bitcoin blockchain.
The other side of the debate, including Roger Ver and the company Bitmain, which was behind a significant portion of the mining computing power, advocated scaling Bitcoin by increasing the block size.
In order to increase the block size limit from 1 MB to 8 MB, the fork Bitcoin Cash was created on August 1, 2017.
Technology
Peer-to-peer network
Bitcoin’s full nodes are connected via a peer-to-peer network. This is used to exchange blocks, transactions and various other messages. A single Bitcoin client maintains a fixed number of currently 8 outgoing connections and a variable number of up to 117 incoming connections. This creates an unstructured overlay network in which all Bitcoin nodes are connected to each other. In some situations, the information from outgoing connections is preferred, as they are more difficult to control by an attacker.
In order to connect to the Bitcoin network, the Bitcoin software requires knowledge of IP addresses of other Bitcoin nodes. For the initial search for other nodes (bootstrapping), the Domain Name System is used. The Bitcoin client resolves a domain name to obtain the IP addresses of several other Bitcoin nodes. The domain names used for bootstrapping are tightly integrated into the Bitcoin software and the services are operated by members of the Bitcoin community. Already connected Bitcoin nodes exchange known IP addresses with each other. If bootstrapping fails, the Bitcoin client accesses an included list of Bitcoin nodes.
Transactions and blocks are distributed within the network via a flooding algorithm and sent via TCP by default. Time-critical here is above all the dispatch of new blocks found by mining, as the other Bitcoin miners would waste their computing power temporarily on an older version of the blockchain in the event of delays due to network transmission. Therefore, various technical measures exist to speed up the sending of blocks, such as the UDP-based FIBRE network used by miners or the concept of “compact blocks”, in which the individual nodes assemble parts of new blocks from transactions stored in the mempool, thus speeding up transmission and reducing the amount of data sent over the network.
In addition to the actual so-called mainnet, there is a so-called testnet with a separate blockchain, which is suitable for testing new functions or experimenting. The testnet has been reset twice so far. Significant differences to the mainnet are the adjustment of the difficulty and the price of Testnet Bitcoins. Testnet Bitcoins can be obtained free of charge over the Internet, as they have virtually no value.
Blockchain
The blockchain is the journal where all Bitcoin transactions are recorded. It consists of a series of data blocks, each of which combines one or more transactions and provides a checksum. New blocks are created in a computationally intensive process called mining and then distributed to participants via the network.
The transactions of a block are hashed together in pairs by a Merkle tree and only the last hash value, the root hash, is noted as a checksum in the header of the block. The blocks are then concatenated using this root hash. Each block contains in the header the hash of the entire previous block header, so the order of the blocks is clearly defined. In addition, the subsequent modification of previous blocks or transactions is practically impossible, since the hashes of all subsequent blocks would also have to be recalculated in a short time. The first block in the blockchain is predetermined and is called a genesis block.
The blockchain currently has a size of around 400 GB (as of March 2022). It must be completely downloaded by newly joining Bitcoin nodes and usually also checked for validity. In addition, the Bitcoin software contains a tightly integrated list of well-known blocks from the past that must match the downloaded blockchain. The original paper described the possibility of saving space by removing older transactions from the blocks and keeping only the header with the root hash. However, this functionality is not yet implemented in Bitcoin Core, so the entire transaction history up to the beginning is traceable.
When creating blocks (also known as mining), multiple Bitcoin nodes may create a valid new block at the same time. If the other participants receive more than one valid new block, they decide which block to accept. As a rule, this is the first block received. In rare cases, there may be a fork in the blockchain, where the chain branches are branched and both branches are continued with valid new blocks. In such a case, the fork with the longer chain will prevail at some point, because it is assumed that the majority of participants are behind it. The transactions in the discarded branch of the fork or the mined blocks become worthless, which calls into question the auditability (auditors) of the blockchain.
The first transaction in a block contains the transfer of the newly generated bitcoins and transaction fees. The amount of newly generated bitcoins is currently limited to 6.25 bitcoins per block. If a Bitcoin node tries to generate more Bitcoins than it is entitled to, its block will not be accepted by other Bitcoin nodes. Originally, 50 bitcoins were generated per block. That number halves every 210,000 blocks, which equates to about four years, so the maximum number of bitcoins that can ever be created is fixed at 21 million. Since one Bitcoin (in the current Bitcoin Core version) can be divided into 100 million units (satoshis), this results in a total of 2.1·1015, i.e. 2.1 quadrillion discrete units.
Bitcoin addresses
To obtain a Bitcoin address, the participant’s Bitcoin client must first generate a key pair. The key pair consists of a public and a private key. The private key is a generated random number and is stored in the wallet. It is used to sign transactions, i.e. outgoing payments (analogous to the signature on a remittance slip), and should be kept secret. At the same time, the loss of the private key also means the loss of the associated Bitcoins. The public key does not need to be stored because it can be calculated from the private key. Bitcoin uses the elliptic curve cryptosystem ECDSA in the standardized 256-bit configuration secp256k1.
The Bitcoin address is a short form (fingerprint) of the public key and is encoded with Base58. To calculate the address, two cryptological hash functions are successively applied to the public key (here: RIPEMD-160(SHA-256(pubkey))). In addition to the resulting 160-bit hash value (public key hash), the address contains another 32-bit hash value, which, as with a checksum, is intended to detect transmission or typing errors.
There are 3 types of addresses:
- P2PKH or Legacy address is the first version of a Bitcoin address that starts with the number “1” and has 26 to 36 characters. The average fee when sending from a P2PKH address is usually higher than when sending from a Segwit address because transactions with outdated addresses are larger. Example: 1HHRPAXhiMGRXh1HakrCVyukAU2TBcvrDa
- P2SH The new address type is similar to P2PKH, but starts with “3” instead of “1”. P2SH provides more complex functionality than the previous address type. To spend bitcoins sent over P2SH, the receiver must provide a script that matches the script hash and data, making the script a reality. However, all an ordinary user needs to know is that when using this type of address instead of P2PKH, the average transaction fee is lower. Example: 3GL1MMJvw99DbrzoPQYhu7H5Zv2S8ykvPy
- P2WPKH or Bech32 is an extended address type used to reduce blockchain block sizes to speed up transaction response time. Addresses start with “bc1” and are longer than P2PKH and P2SH. Bech32 is the native Segwit addressing format (although P2SH can also be a Segwit address), which is why it usually means using Segwit addresses. The advantage is the lowest transaction sending fee and the high processing speed. The disadvantage of such addresses is that they are not yet supported by all wallets and systems. Example: bc1qj5swkkkk50ymyeqx2em906jfft86ptd4xs8wwf.
Transactions
The transfers of bitcoins between participants are processed in “transactions” that work for the user similar to a bank transfer. The payment sender only needs to know the Bitcoin address (comparable to the account number or IBAN) of the payee; its confirmation is not necessary. The Bitcoin addresses can be generated by a Bitcoin client on demand. The payee, therefore, does not need to be connected to the network. The sender only needs to connect briefly to place the transaction.
A reversal of transactions, once they have been included in the blockchain, is excluded. Also, the withdrawal of funds from an account, as with direct debit, is not possible with the Bitcoin blockchain.
However, the payment sender can change a transaction initiated by him up to the same time. The problem is that so much time can pass between the initial triggering of the transaction and its manifestation in the blockchain that Bitcoins can no longer be used as an instant means of payment. At the very least, the payee would have to assume the risk of a total default of the payment if, for example, he delivers goods before the transaction is verifiably completed.
Transaction cost
There are fees when transferring Bitcoins. These are currently at least 1,000 Satoshi (= 10 μBTC = 0.01 mBTC = 0.00001 BTC). On the one hand, the fees are levied in order to reward the participants involved in mining for completing the transaction. On the other hand, the fees are intended to prevent the network from being intentionally overloaded with transactions. The amount of fees required depends on the size of the transaction (in bytes), it does not depend on the value of the transferred Bitcoins.
The transferring participant can determine the transaction fees that he is willing to pay. The higher this value, the faster the transaction is confirmed. When forming new blocks, miners usually select those transactions from the “mempool” of unconfirmed transactions that have the highest transaction fee. A selection is necessary because the number of transactions matching a block is limited by an upper limit. The required transaction costs are therefore not constant over time, but depend on the size of the mempool and thus on the current utilization by transactions set by other participants.
Procedure of a transaction in detail
Strictly speaking, there are no accounts in the Bitcoin system that can have a balance. The “balance” identified by the Bitcoin client or other wallet programs are received credits to the Bitcoin addresses from the user’s Bitcoin wallet that have not yet been transferred (so-called unspent transaction outputs, UTXOs).
Each transaction contains at least one input (consisting of a transaction hash and an index), at least one output (recipient address, and the corresponding amount) and other fields for signature and management. Funds can be merged from multiple addresses and split among multiple addresses. The amount of the entered entries will be credited in full to the destination addresses in the specified amount. If “change” remains, the sender must include its own address in the outputs. It is also possible to have a transfer signed by several participants (e.g. in the case of an escrow service).
Finally, the entire transaction is signed with the sender’s private key, which authenticates it and protects it from modification. The transaction is then transferred to the peer-to-peer network and distributed using a flooding algorithm. The sender sends his transaction to all Bitcoin nodes connected to him on the network. They verify the signature and check whether the transaction is valid. They then forward the transaction to the Bitcoin nodes connected to them. This is repeated until the transaction is known to all Bitcoin nodes on the network. Once the transaction arrives at a node operated by a miner, the miner can include it in the blocks it creates.
Example
Participant A has previously transferred an amount to Participant B, which he now wants to transfer to Participant C. For this purpose, participant B creates a transaction that receives the credit note from Participant A as input and has the address of Participant C as output.
To prove that he is the owner of the bitcoins that A transferred to him, B writes his full public key and input transaction to the new transaction. From the public key, his Bitcoin address can be calculated and thus proven that the amount was previously transferred to him by A.
As the payee, Participant B specifies the Bitcoin address of Participant C and the amount he wants to transfer to C.
Finally, participant B signs the transaction with his private key and transmits it to the network.
Mining
Through mining, new blocks are created and then added to the blockchain. New blocks are used to issue new bitcoins and at the same time confirm some of the new or outstanding transactions. By November 2012, 50 bitcoins were paid out, by July 2016 25, by May 2020 12.5 and since then 6.25 bitcoins with each new block. In this way, decentralized money creation takes place. The process is very computationally intensive, and in return, the participant who generates a valid block receives as a reward the created Bitcoins and the fees from the included transactions.
After a new valid block has been found, it is distributed, like unconfirmed transactions, by flooding the algorithm to all Bitcoin nodes in the network as a new longer valid blockchain. Mining in the Bitcoin system also solves the problem of the Byzantine generals in this way: Since there is no central authority that authenticates the participants, the Bitcoin nodes do not trust each other in principle. The problem for each Bitcoin node is to find out which blocks or blockchain is the “right” one, i.e. which the majority trusts. Valid blocks are created only by computationally intensive mining. Thus, every Bitcoin node trusts the longest valid blockchain, since behind this is the most computing power and therefore the majority of participants are suspected.
Proof of Work
Practically the entire computing power of the Bitcoin network is accounted for by solving cryptographic tasks, the proof of work. Their purpose is to ensure that the creation of valid blocks is associated with a certain amount of effort, so that a subsequent modification of the blockchain, such as in the scenario of a 51% attack, can be practically excluded. Due to the difficulty, miners form “mining pools” to receive payouts despite these high demands on power consumption, provision of costly hardware and/or hardware under their control. Most of the mining pools are located in China, where most of the cryptocurrency’s miners – or about 75% of computing power – are located.
The proof of work with Bitcoin is to find a hash value that is below a certain threshold. The threshold is inversely proportional to the mining difficulty. The threshold value can be used to regulate the effort required to solve the proof of work, because the lower this value is, the less likely it is to find a suitable hash. The hash is calculated by applying the SHA-256 cryptographic hash function twice to the initial area of a block (block header).
The process works as follows:
- Initialize block, calculate root hash of the block from transactions
- Calculate hash value:
h = SHA256(SHA256(block header)) - If
h >= threshold, change block header and return to step 2 - Otherwise (
h < threshold): Valid block found, stop calculation and publish block.
To ensure that a hash value can be found below the specified threshold, there are various fields in the block header whose value can be changed. Especially for this purpose exists the field Nonce.
Severity
The difficulty of the task, the so-called “difficulty”, is dynamically regulated in the network in such a way that a new block is generated every ten minutes on average. Therefore, with increasing computing power of the network, solving the task becomes more and more complex. A participant’s probability of finding the right solution is proportional to the computing power used. All 2016 blocks recalculate all Bitcoin nodes independently of each other the difficulty level of mining and thus adapt them to the current computing power of the entire system, so that a new solution is still found about every ten minutes. 2016 blocks correspond to about 2 weeks at constant hash power. Solutions that do not match the current difficulty level will not be accepted by other Bitcoin nodes.
Specialized hardware
Mining with the processor of a commercially available computer was only profitable for a short time during the early years and was quickly replaced by other hardware. Mining was initially only worthwhile on graphics processors and later on specialized (dedicated) hardware such as FPGAs. As fewer and fewer bitcoins were generated per unit of computing power on graphics processors over time and the share of electricity costs increased, FPGAs have been increasingly used since the end of 2011. These combine high hardware cost and low power consumption with a very high computing capacity in relation to a specific computing requirement for which they were manufactured. In the meantime, hardware components such as ASICs (Application Specific Integrated Circuits) have almost completely replaced FPGAs, as their performance is significantly higher.
At the end of January 2013, the first executable, commercially available ASIC systems for mining Bitcoins appeared. With these, it was possible to mine Bitcoins about 50 times faster than previously with GPU-based systems. However, the electricity consumption, which accounts for a significant part of the costs, is significantly lower. As a result, the difficulty of mining increased to such an extent that GPU-based mining (like CPU-based systems before it) became largely uneconomical within a few months.
For example, the ASICMiner block erupter USB in 130 nm chip technology, which were common in mid to late 2013, deliver about 333 megahashes per second (Mhash/s) and work with an efficiency of 130 megahashes per joule (Mhash/J). Mining hardware in 28nm technology, which became available in mid-2014, delivers ten times the efficiency of approximately 1.3 gigahashes per joule (Ghash/J) or more. Ultra-efficient ASIC mining hardware in 28nm technology with 6 Ghash/J (0.19 J/Ghash) has already been announced for 2015, ahead of the entry into even more efficient 14 nm chip technology in ASIC mining hardware expected in 2016. In 2021, the hashrates of established miners are around 100 TH/s.
Mining Pools
A mining pool is the aggregation of the computing power of mining hardware on a network to distribute the block reward evenly. The hashrate corresponds to the probability of finding a block and thus contributing to the pool. A “share” of the block reward will be awarded to members of the mining pool who provide a valid partial proof of work. Mining in pools was introduced when the difficulty of mining became so great that it could take centuries for slower miners to create a block. The solution to this problem was to pool resources to create blocks faster and get a small portion of the block reward on a constant basis, rather than randomly once every few years.
There is a trend towards centralized cloud mining as a risky investment. The providers of this cloud mining operate their data centers in Iceland, for example, because the electricity there is very cheap and the possibilities of efficient cooling of the thousands of ASIC mining computers are very good. This could threaten the decentralized Bitcoin mining model and make a 51% attack more likely.
Forks
A protocol change is introduced as a so-called fork. A distinction is made between two types: Protocol changes that introduce further rules are referred to as a soft fork, a relaxation of the rules as a hard fork. The difference is noticeable in the operation of the node software: An older version of this software is compatible with softfork blocks, but cannot check the new rules. Hardfork blocks, on the other hand, require a software update, but then the new rule set can be fully checked. Since the first block, Bitcoin has had 16 soft forks and 3 hard forks.
Forks (or chain splits) are also events in which a blockchain splits and both ledgers are continued independently of each other. This typically happens when a protocol change is not generally supported, but is still continuing. By dividing the blockchain into two separate histories, a Bitcoin can also be used in both payment systems after a chain split. Thus, every owner of a Bitcoin at the time of the Bitcoin Cash fork received a Bitcoin Cash. When making a transaction, however, it must be checked after a chain split whether protection against replay attacks exists.
Well-known chain splits of Bitcoin are:
- Bitcoin Cash: Split on Block 478558.
- Bitcoin Gold: Split on Block 491407.
- Bitcoin SV: Split on block 556766 of Bitcoin Cash.
Bitcoin technology in other projects
Since Bitcoin’s reference implementation (Bitcoin Core) is under the MIT license, the source code may also be used for other programs. In the case of Namecoin, a distributed Domain Name System (DNS) (.bit) was created.
It is also possible to create a Bitcoin copy with slightly changed parameters and a separate blockchain without much effort. The best-known standalone currencies built on top of Bitcoin Core’s codebase, but with a separate blockchain and some additional functionalities, are Litecoin, Zcash, and Dogecoin.
Bitcoin is an elementary component of the trusted-time stamping implementation Originstamp.
Acquisition and management of Bitcoins
Local Bitcoin software or an online platform can be used to receive and transfer Bitcoins.
Bitcoins can be exchanged either at online exchanges or individuals for other currencies, electronic money or Paysafecards. As a rule, fees are incurred, which vary depending on the provider. In the case of online exchanges, the operator of the exchange is the trading partner to whom the customer also entrusts his money. Trading fees are typically around 0.2-1% of the amount exchanged.
The file-sharing networks are not yet regulated, but are usually subject to requirements to make money laundering more difficult, e.g. in the form of withdrawal limits or know-your-customer principles. Proof of identity is usually required to trade larger amounts.
Deposits and withdrawals are made with Bitcoins directly by the transfer to or from the customer’s wallet at the provider. For other currencies, deposits can often be made as SEPA transfers. Balances with the exchange operator can be paid back to your own bank account, but additional fees may apply. However, there are also decentralized exchanges (DEX) where Bitcoins and other cryptocurrencies can be traded completely anonymously. An example of this is bisq.network, an open-source software that trades Bitcoin’s P2P over the Tor network.
The protection of the deposits is not prescribed and is thus left to the respective provider. The professionalism and seriousness of the providers varies greatly. Since large amounts and the easy mobility of Bitcoins provide a strong incentive for attackers to hack platforms with high balances, there have been momentous slumps in the past, where customers sometimes lost all their deposits. Due to frequent problems in the area of information security, some exchanges advertise improved security and offer partial certifications of their websites, two-factor authentication procedures, liability for lost deposits up to a regular deposit insurance for fiat money.
In addition, there are services that offer a direct exchange of common currencies, e-currencies, and Paysafecards into Bitcoins as exchange offices. The prices are predetermined, included fees are higher than with the exchanges and amount to about 1.5 to 5%. These services typically do not require registration, so you can quickly purchase the bitcoins and have them transferred to your wallet.
There are virtual “trading venues” where interested parties can register purchase and sale offers. The transaction takes place (similar to Internet auction platforms) between two private individuals. Some providers secure transactions unilaterally by depositing the bitcoins to be sold and only release them when the seller confirms receipt of payment. In this form of trading, there is a certain risk for both the buyer and the seller that the trading partner or the trustee will not behave honestly.
Bitcoin wallets
A Bitcoin wallet is a tool to send, receive, and securely manage Bitcoin. They can be distinguished, for example, into software, paper and hardware wallets, hot and cold wallets or custodial and non-custodial wallets.
The wallets differ in terms of the number of functions, the handling of the blockchain and the level of security – paper wallets are considered the most insecure and not recommended.
Wallet symbolizes a kind of virtual wallet, which, however, does not contain Bitcoins, but the information/data with which the user can send or receive Bitcoins.
A wallet is a digital keychain that a user uses to prove that they own a certain amount of bitcoins and allow them to send them. The addresses for receiving payments are generated from the keys. Any number of keys – and thus also addresses – can be generated.
For smartphones, there are several Bitcoin wallets with additional functions that are useful for mobile operation. The apps typically download a reduced version of the blockchain after installation. A Bitcoin address of the wallet on the smartphone can be displayed as a QR code. This contains a special Uniform Resource Identifier with the required Bitcoin address and the amount. QR codes may be scanned with the phone’s camera to make payments. It is also possible to send payments later when there is no internet connection. In addition, there are options for securing the wallet.
Comparison of some Bitcoin wallets
| Name | Developer | Programming language | Operating systems | License | Remarks |
|---|---|---|---|---|---|
| Bitcoin Core | Satoshi Nakamoto and others | C++ | Windows, Linux, macOS | MIT License | Reference implementation, also known as Bitcoin-Qt, manages the full blockchain, hence initially long loading time (about 260 GB via P2P; As of February 2020). |
| Electrum | Thomas Voegtlin | Python | Windows, Linux, macOS, Android | No loading of the blockchain necessary, as access via appropriate servers. Use of credits on multiple devices, wallets are generated from a seed (usable as a brainwallet ). | |
| Wasabi Wallet | zkSNACKs | .NET | Windows, Linux, macOS | Privacy wallet with CoinJoin implementation and focus on coin mixing, coin control over the Tor network and fungibility of bitcoins. | |
| Bitcoin Wallet | Andreas Schildbach | Java | Android, Blackberry OS | GPLv3 | Available as Android and Blackberry app only. Focus on ease of use and high security, is independent of servers and web services. |
Web-based and hybrid wallets
In addition, there are a variety of web services that offer an online wallet. In this case, the access data is not stored on the user’s hardware, but at the online wallet provider, the security of the balance depends entirely on the server-side security and the (difficult to verify) trustworthiness of the provider. A malicious provider or server security breach can lead to entrusted bitcoins being stolen. An example of such a security breach is the case of Mt.Gox from 2011. This led to the meme “Not your keys, not your Bitcoin”.
An alternative, for example, for mobile platforms for which no regular Bitcoin client is offered, is hybrid wallets. With these, the code to be executed is loaded from the provider’s server, but the secret keys are encrypted and transmitted on the client side.
Commercial crypto custodians
Since January 1, 2020, the commercial custody of crypto assets for third parties in Germany has been a financial service. Thus, depositaries are supervised by the Federal Financial Supervisory Authority (BaFin). Since the regulation applies to all companies that actively participate in the German market, a strong increase in permit applications is expected.
Distribution
Payment transactions
As with currencies, Bitcoins could also be used to pay for goods or services, according to 2014 estimates. At the beginning of March 2015, 6,284 places such as shops or hotels were listed in the OpenStreetMap database that accepted Bitcoin as a means of payment. For the German market alone, more than 100 acceptance points from a wide variety of industries were listed in 2016.
The largest online services that accepted Bitcoin as a payment method in 2015 included social news aggregator Reddit, Microsoft Account, Overstock.com, Dell, Expedia and Threema. Blog host WordPress.com accepted bitcoins as a payment option until the end of February 2015. Some pizza ordering services accepted bitcoins in 2013 by passing orders to major delivery services, as well as food delivery services for restaurants. Also in 2017, you could still order pizza with Bitcoins, but according to a research in the Washington Post in early December 2017, the price for a pizza was 8.70 US dollars for customers who paid with US currency, while Bitcoin payers had to pay with 0.0036 Bitcoin at the time the equivalent of 34.12 US dollars. In March 2019, Switzerland’s largest online retailer Digitec Galaxus started accepting Bitcoin and some other cryptocurrencies in the two online shops digitec.ch and galaxus.ch.
Furthermore, payment in Bitcoins was offered in 2013 by some game developers, municipal services, hotels or various tour operators. Occasionally, Bitcoins were used in the first quarter of 2013 for the purchase of cars and houses or for rent payments. In 2015, the Museum of Applied Arts (MAK) in Vienna was the first museum to use bitcoins to purchase a work of art for the museum’s collection.
Donations of Bitcoins are accepted by NGOs and, for example, by WikiLeaks. In addition, the currency is adopted for the purpose of micropayment by organizations that work for various charitable causes, as well as given away in recognition of creative content on the web. Bitcoins also serve as a stake for gambling.
Due to their pseudonymity, Bitcoins are also used for money laundering, ransom extortion in encryption Trojans and as a means of payment for weapons, pornography, illegal drugs and fraud goods to contract killings via darknet markets.
On June 8, 2021, the Legislative Assembly of El Salvador passed a law making the country the first in the world to recognize Bitcoin as another official means of payment, effective September 7, 2021.
In August 2021, Worldline, in partnership with Bitcoin Suisse, unlocked payments with Bitcoin on its POS terminals.
Trade
On December 10, 2017, Bitcoin futures contracts started trading on the US futures exchange CBOE, a week later on the CME. On the one hand, price fluctuations of the Bitcoin can be hedged, on the other hand, it can also be participated in price increases or losses of the Bitcoin without being the owner of Bitcoins. The CBOE future includes one Bitcoin, the CME contract has a volume of five Bitcoins. On the CBOE, the price on the cryptocurrency exchange Gemini is used, the CME forms a reference price from the quotes on the four exchanges Bitstamp, GDAX, IiBit and Kraken.
Users
In September 2011, a participant in the Bitcoin community estimated the number of different Bitcoin nodes active within a day at 60,000. The estimate was based on the evaluation of specific messages in the peer-to-peer network. By October 2012, the number determined with this method had fallen to just under 20,000. Researchers Dorit Ron and Adi Shamir analyzed the transaction graph in May 2012 and determined a figure of 2.4 million independently used addresses.
This number represents an upper limit on the number of users who have made a Bitcoin transaction up to that point. The most active individual users were the mining pool Deepbit and the trading platform Mt.Gox, responsible for eleven percent and seven percent of all Bitcoin transactions. The reference software Bitcoin Core (also known as Bitcoin-Qt) achieved around 70,000 downloads per month at the end of 2012 and around 270,000 downloads in March 2013. The number of users of the online service My Wallet was reported as 80,000 in December 2012.
The Reddit group / r/bitcoin reached 10,000 users in September 2012, 20,000 users in March 2013 and 107,000 users in February 2014. A survey by the Blog netzpolitik.org in January 2013 found that 5.5% of readers would pay donations via Bitcoin, while alternatives Flattr and PayPal scored 33.0% and 27.7%, respectively.
A study by the University of Münster in 2015 found that typical Bitcoin users are between 25 and 44 years old and have a technical profession. Bitcoins are predominantly used to pay or speculate. The most important motivation of users is the joy of experimenting with an innovative system. According to this study, illegal applications play only a minor role, taking into account that it is not representative of the international Bitcoin scene for only about 100 people surveyed, 60% of whom come from Germany.
According to blockchain analytics firm Glassnode, the number of active wallet addresses peaked at 140,000 in 2011. By the end of 2017, the number had grown to over 6 million, but fell back to half in 2018. By the end of 2020, more than 6 million active addresses had been registered again.
Questions of law
Tax management
In Germany, Bitcoin is neither legal tender nor e-money, foreign exchange or varieties. According to the Federal Financial Supervisory Authority (BaFin), Bitcoin is a unit of account that can be used in “multilateral clearing groups” and thus a financial instrument within the meaning of the German Banking Act (KWG). This statement was confirmed in August 2013 by a request from MP Frank Schäffler to the Federal Ministry of Finance: Bitcoin is a kind of “private money”.
The 4. Criminal Senate of the Berlin Court of Appeal contradicts this view of Bitcoin with the judgment of September 25, 2018. According to the chamber, Bitcoin cannot be a unit of account because it lacks the stability of value and general social recognition for use. Subsequently, BaFin classified Bitcoin as units of value comparable to foreign exchange. Furthermore, profits from the Bitcoin sale are a private sale transaction and are subject to income tax pursuant to § 23 of the Income Tax Act (EStG). Losses resulting from a private sale after the expiry of the speculation period can no longer be offset against profits.
Transactions conducted in Bitcoin are subject to customary tax obligations; they are not capable of evading VAT. The exchange of bitcoins for other means of payment – and vice versa – is exempt from VAT under Article 135(1)(e) of the VAT Directive.
In Austria, Niko Alm submitted a parliamentary question to Finance Minister Michael Spindelegger on May 23, 2014, regarding the tax and legal handling of Bitcoin. The answer stated that trading bitcoins can be “taxable and taxable.” There is no “speculation tax” to pay if you own Bitcoins for more than a year.
The U.S. Internal Revenue Service issued a statement in 2014 stating that Bitcoin should be taxed as a property. Unless exceptions are created for small amounts, this classification has the disadvantage that even in the case of small transactions such as .dem purchase of a cup of coffee, there are extensive accounting obligations for all users in order to determine capital income.
From 2013 to 2015, between 800 and 900 customers reported profits from Bitcoin transactions on the U.S. IRS, while on the Coinbase trading platform, about 14,000 people made Bitcoin trades for more than $20,000 at the time. Therefore, in November 2017, the tax authority legally forced Coinbase to hand over the identity and account data of all customers who were doing business starting at $20,000 at the time.
In Japan, Bitcoin profits as “other income” are subject to a tax rate of up to 55%.
The ECJ declared on 22 October 2015 that there is no VAT on the purchase and sale of units of the virtual currency ‘Bitcoin’. The German Federal Ministry of Finance confirmed the content of the judgment to the highest tax authorities of the Länder on 27 February 2018.
Legal classification of Bitcoin in the EU
While in principle the individual member states of the European Union are free to enact their own rules for Bitcoin, Directive 2018/843/EU (Update of the 4. Anti-Money Laundering Directive, often also 5. Anti-Money Laundering Directive) for the first time provides a uniform and EU-wide legal basis for the classification of Bitcoin.
Article 3(18) of the 5. Anti-Money Laundering Directive defines the term virtual currency. According to that provision, it is: ‘a digital representation of value which has not been issued or guaranteed by any central bank or public body and which is not necessarily pegged to a legally defined currency and which does not have the legal status of a currency or money, but which is accepted as a medium of exchange by natural or legal persons and which transmits by electronic means; can be stored and traded”.
This definition does not refer to any particular technology. Nevertheless, the authors of this legal definition under EU law primarily had blockchain technology in mind and Bitcoin as an archetypal form. The legal definition has thus been written on the basis of Bitcoin. Bitcoin is therefore in any case a virtual currency within the meaning of the definition quoted above.
From the cited legal definition it can be seen that virtual currencies are referred to by the European legislator as a medium of exchange. The legislative opposition to the medium of exchange is the means of payment. It is no coincidence that the legal definition speaks of means of exchange and not of means of payment. An earlier definition proposed by the European Commission explicitly used the term means of payment. Payment is the fulfillment of a monetary debt and means of payment everything that can be used for this. As a result, the property of medium of exchange can best be described negatively: medium of exchange is everything that is accepted for the fulfillment of a debt and is not a means of payment. Bitcoin is thus a medium of exchange.
Establishment of corporations using cryptocurrencies
Since the summer 2017, it has been possible in Switzerland to establish stock corporations and limited liability companies with the most important cryptocurrencies – above all Bitcoin. Since then, the formation of a corporation has been recognized in practice, especially with Bitcoin and Ether. Cryptocurrencies can be used to pay the share capital or ordinary shares in application of the provisions of the contribution in kind pursuant to Art. 628 et seq. CO. In principle, this works with all cryptocurrencies that can be accounted for as assets according to Art. 958 et seq. CO.
Controversies and risks
Financial risks of Bitcoin
The purchase of significant amounts in Bitcoins has so far been a high-risk investment. Journalist Timothy B. Lee, who invested in bitcoins, cited the following risks in 2013:
- Irreversible losses due to malware, data loss or breaches of online exchanges. For example, about a third of all cryptocurrency trading platforms have been hacked since 2009, according to 2017 investigations.
- Severe restrictions due to state regulation as a measure against money laundering
- An overload of the system’s capacity, which could make transactions slow, at least temporarily, and small transactions very expensive
- Commercial use is too low compared to the rising share price and the associated high expectations
- Targeted market manipulation by large market participants. These might not be punishable in Germany, as bitcoins are not legally considered securities or investments.
Legitimacy of non-central money creation
If the unit of payment becomes established and trading takes place with it, money creation takes place, which in the case of central bank money traditionally represents a monopoly of the central banks, but in the case of credit and book money takes place mainly by the commercial banks. An increase in the money supply compared to commodity values (whether through cash or credit money) tends to lead to inflation at a given velocity of circulation.
This is accompanied by a loss of purchasing power of existing assets – and always a transfer of assets to the money-issuing agency. In the case of Bitcoins, this source of income for central banks would be eliminated. Therefore, for example, the German interest group “Bundesverband Digitale Wirtschaft” denies the legitimacy of non-central money creation. On the other hand, bonus and credit systems such as frequent flyer miles, Linden dollars, Facebook credits or Payback cards are not affected by this legitimacy problem.
The aforementioned banknote monopoly is now supported by the legal tender status and, in the EU, by the Coinage Act of 2002. These legal norms do not contain a ban on alternative currencies. However, a new currency is extremely difficult to introduce due to the network effects of established currencies.
In 2011, proponents and users of Bitcoin were of the opinion that decoupling money creation from central power structures could bring about a democratization of the monetary system. The replacement of the existing, essentially credit-based system, in which money is always burdened with debt interest, is also sometimes seen as desirable.
Underground economy
The US economist Kenneth S. Rogoff said in an interview in the weekly newspaper Die Zeit: “I personally believe that Bitcoin will be banned at some point. Because it can be used for criminal activities and tax evasion. […] Of course, you can invest your money there. But if it is to have fundamental value, it needs a use. And in the case of Bitcoin, this is the shadow economy. This market is easily worth $20 trillion.”
Electricity consumption and pollution
Bitcoin mining consumes large amounts of electrical energy. The University of Cambridge’s Bitcoin Electricity Consumption Index estimated Bitcoin’s annual electricity demand at 120 terawatt hours (TWh) in February 2021. Because of the possible ecological damage, Bitcoin is criticized.
Due to the self-regulating difficulty of mining, there is no upper limit to energy consumption. As long as this is profitable, the number of miners and thus the electricity consumed grows – depending on the Bitcoin price, as miners must at least cover the electricity costs with the reward for mining new Bitcoins in order to be profitable. Thus, the significant decline in the price of Bitcoin in the second half of 2018 was accompanied by a decline in energy consumption. It should be noted that there is no direct correlation between energy consumption and the number of transactions, since the reward for mining a block is fixed and does not depend on the number of transactions contained in the block.
Compared to other online transactions, Bitcoin transactions require many times more energy per transaction. Based on a transaction on the blockchain, an average of 2,200 kWh of electrical energy was consumed as of March 2022. On the other hand, a credit card transfer requires an average of about 1.5-watt-hours (0.0014863 kWh). However, electricity consumption is independent of the number of transactions. Also not included are all transactions in Bitcoin’s Layer 2 solutions (e.g. Lightning Network and Liquid Network), which also enable micropayment (many small transactions). The power consumption of a transaction in the Lightning Network is thus similar or, according to various calculations, lower than the conventional payment with a card.
Regions with low energy costs such as Sichuan in China but also Iceland, Quebec, Norway and Georgia are preferred locations for mining farms. The energy mix used for mining is highly dependent on the location and the season. The primary energy sources with the largest share of the energy mix used for mining are hydropower, coal and natural gas. According to a study published by Cambridge University in 2020, approximately 39% of the electricity used for mining worldwide comes entirely from renewable energy sources, while approximately 76% of electricity comes from an energy mix containing renewable energy.
At the end of 2017, about three-quarters of all bitcoins originated in the People’s Republic of China, especially from coal-fired electricity from Inner Mongolia. The carbon dioxide emissions of a Bitcoin mined there were estimated at 8 to 13 tons in 2017. For 2018, Morgan Stanley expects electricity consumption to increase to 125 TWh, possibly 140 TWh. This corresponds to about 0.6% of total world electricity consumption. A 2021 study estimated that these emissions would exceed the total annual carbon emissions of European countries such as Italy within about 3 years, and mining there would be the twelfth largest national emitter.
The development of fluctuating renewable energies, such as wind and solar energy, is challenging because they cause instabilities in the power grid. Several studies found that these renewable energy sources can use the excess energy to mine Bitcoin, thus hedging the risk of electricity price and the power grid, reducing redispatch, increasing the profitability of renewable energy infrastructure, and thus accelerating the energy transition. Thus, the CO2 footprint of Bitcoin can be reduced.
The climate-related criticism of Bitcoin is mainly based on the network’s absolute carbon emissions, without taking into account Bitcoin’s market value. However, if bitcoin issuance is considered relative and relative to market value, adding bitcoins to diversified equity portfolios may well reduce the aggregate CO2 footprint of investment portfolios.
For environmental reasons, Norway ended mining subsidies in 2019.
Software errors and attack scenarios
51% attack
If an attacker controls more than 50% of Bitcoin’s mining computing power, they have the opportunity to carry out a so-called 51% attack. He could, for example, deliberately exclude individual participants by ignoring their transactions in blocks or claiming bitcoins created in the future. 51% of attacks are currently a problem, especially for smaller cryptocurrencies that use the same proof-of-work hash function as a larger cryptocurrency, making it possible for miners with specialized hardware (ASIC) to temporarily repurpose computing power from the larger to the smaller currency for the purpose of the attack. The larger the network, the less likely a 51% attack becomes. The Bitcoin network already consisted of over one million miners in October 2020, making a 51% attack on Bitcoin extremely unlikely.
Password loss
The value of bitcoins in digital wallets to which the owner no longer has access was estimated at €115 billion in 2021.
Quantum computers and post-quantum cryptography
Future, powerful quantum computers represent a potential threat to today’s widespread asymmetric cryptosystems, such as those used in Internet communication and Bitcoin. In order to mitigate this risk at an early stage, since the 2000s research has been increasingly being carried out into methods of post-quantum cryptography that can also withstand attacks with quantum algorithms known today.
There is no known quantum computer algorithm that could efficiently invert the SHA-256 hash function used for Bitcoin mining. An application of the Grover algorithm would accelerate the mining process quadratically but must be able to compete with the ASICs mining devices. Therefore, the potential impact of quantum computers on Bitcoin mining is considered less severe compared to that on ECDSA.
References (sources)
|