Satoshi Nakamoto defines an electronic coin within the “Bitcoin: A Peer-to-Peer Electronic Cash System” white paper as follows:
“We define an electronic coin as a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership.” Page 2
The preceding process is illustrated in the following diagram as referenced from the “Bitcoin: A Peer-to-Peer Electronic Cash System” white paper:
As shown, each Bitcoin transaction is comprised of the current transaction Owner’s Public Key, a Hash, the preceding transaction owner’s signature, and the current transaction Owner’s Private Key. The current transaction Owner’s Public Key is used to verify the next transaction, while the current transaction Owner’s Private Key is used to sign the next transaction.
There is a potential problem with this method as identified by Mr. Nakamoto:
“The problem of course is the payee can’t verify that one of the owners did not double-spend the coin. A common solution is to introduce a trusted central authority, or mint, that checks every transaction for double spending. After each transaction, the coin must be returned to the mint to issue a new coin, and only coins issued directly from the mint are trusted not to be double-spent. The problem with this solution is that the fate of the entire money system depends on the company running the mint, with every transaction having to go through them, just like a bank.” Page 2
I had discussed earlier the challenges with relying on a centralized authority, or single point of failure, here and here. Nakamoto goes on to identify an alternate solution to the double-spend problem:
“We need a way for the payee to know that the previous owners did not sign any earlier transactions. For our purposes, the earliest transaction is the one that counts, so we don’t care about later attempts to double-spend. The only way to confirm the absence of a transaction is to be aware of all transactions. In the mint based model, the mint was aware of all transactions and decided which arrived first. To accomplish this without a trusted party, transactions must be publicly announced, and we need a system for participants to agree on a single history of the order in which they were received. The payee needs proof that at the time of each transaction, the majority of nodes agreed it was the first received.” Page 2
I believe that the system of publicly announced transactions Mr. Nakamoto is referring to is the Blockchain.
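The chain of signatures and the double-spend gap quoted above can be reproduced in a few lines. This is an added example, not code from the white paper or from Bitcoin: it builds a coin as a chain of signed transfers, shows that two conflicting transfers by the same owner both pass the payee's signature check, and that an agreed ordering lets the earliest one win. Assumptions: the transaction layout (`prev`, `to`, `sig`), the names Alice, Bob and Carol, and the use of hash-based Lamport one-time signatures from the standard library in place of Bitcoin's ECDSA.

```python
import hashlib, secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key (stand-in for ECDSA): 256 secret pairs, public key = their hashes.
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    return sk, b"".join(H(s) for pair in sk for s in pair)

def bits(msg):
    return [(int.from_bytes(H(msg), "big") >> i) & 1 for i in range(256)]

def sign(sk, msg):
    return b"".join(sk[i][b] for i, b in enumerate(bits(msg)))

def verify(pk, msg, sig):
    return len(sig) == 8192 and all(
        H(sig[32*i:32*i+32]) == pk[64*i+32*b:64*i+32*b+32]
        for i, b in enumerate(bits(msg)))

def tx_hash(tx):
    return H(tx["prev"] + tx["to"] + tx["sig"])

def transfer(prev_tx, owner_sk, next_pk):
    # Owner signs hash(previous transaction) || next owner's public key.
    prev = tx_hash(prev_tx)
    return {"prev": prev, "to": next_pk, "sig": sign(owner_sk, prev + next_pk)}

def verify_chain(chain):
    # Payee's check: each signature must verify under the key the previous tx paid to.
    return all(tx["prev"] == tx_hash(p) and verify(p["to"], tx["prev"] + tx["to"], tx["sig"])
               for p, tx in zip(chain, chain[1:]))

def first_spend(ordered_log):
    # With one agreed ordering, only the earliest spend of each coin counts.
    seen, accepted = set(), []
    for tx in ordered_log:
        if tx["prev"] not in seen:
            seen.add(tx["prev"])
            accepted.append(tx)
    return accepted

def demo():
    (a_sk, a_pk), (_, b_pk), (_, c_pk) = keygen(), keygen(), keygen()
    genesis = {"prev": bytes(32), "to": a_pk, "sig": b""}  # constructed starting coin
    to_bob = transfer(genesis, a_sk, b_pk)
    to_carol = transfer(genesis, a_sk, c_pk)  # same coin signed twice (reuses the one-time key)
    chains = [[genesis, to_bob], [genesis, to_carol], [genesis, dict(to_bob, to=c_pk)]]
    return [verify_chain(c) for c in chains], first_spend([to_bob, to_carol]) == [to_bob]
```

`demo()` returns the three chain checks (Bob's chain, Carol's conflicting chain, and a transfer whose payee was altered after signing) followed by whether the ordered log kept only the first spend.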
2. J.R. Sedivy. Bitcoin: A Peer-to-Peer Electronic Cash System Abstract:
3. J.R. Sedivy. Cryptographic Proof And Honest Nodes:
4. J.R. Sedivy. The Irreversible Nature of Bitcoin:
5. Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System:
6. W. Dai. B-money: