Nobody knows.

Really.

Here's what is known. He (or maybe it's she or they) is the author of the 2008 paper Bitcoin: A Peer-to-Peer Electronic Cash System that got posted to the cypherpunk mailing list. This paper introduced Bitcoin and the underlying blockchain technology. He (I'll just say "he" from now on since his pseudonym is a single man) also created the original reference implementation, and set up and posted on the original bitcoin forum. Then, in 2010, he vanished and has not been heard of since. He owns 1M Bitcoins, or maybe more, which, at over $3,000 as I write this, makes him worth at least a couple of billion dollars.

The first Bitcoin transaction, and the only one known to have been initiated by Satoshi, was 50 BTC sent to Hal Finney. The first transaction in which Bitcoin was exchanged for "fiat currency" (aka normal money) was when Martti Malmi sold 5,050 BTC for $5.02. As you can see, the price has gone up a lot.

The original message Satoshi posted to the mailing list summarized the main properties of Bitcoin:

Double-spending is prevented with a peer-to-peer network.
No mint or other trusted parties.
Participants can be anonymous.
New coins are made from Hashcash style proof-of-work.
The proof-of-work for new coin generation also powers the network to prevent double-spending.

Obviously, he sounds Japanese, and Satoshi has claimed that, but there is no evidence. There is some speculation that he is British since he quoted The London Times (actually just called The Times but I put London in to avoid confusion with The New York Times) in the genesis block of the Bitcoin blockchain. Many people consider that Satoshi must be a group of people since the code, which got open-sourced in 2009, seems too much for a single individual to have created. Whoever Satoshi is, the fact that Bitcoin has not been hacked a decade later is an amazing computer science achievement by any standard, all the more so if it really was created by a single individual.

Blockchain

The original aim of the blockchain system was to create a payment system based on "cryptographic proof instead of trust." The key part of the blockchain is the ledger. This is a public record of all the transactions that cannot be altered once verified and agreed to. It can only be added to with newer transactions. To make it trustworthy without any central trusted authority, it is a peer-driven system in which no one individual has more trust than any other. There is an assumption that no entity controls more than half the members of the participating community, or really that at least half the members of the participating community are honest.

There are three components to any blockchain:

• The Ledger, a series of public blocks that are the public record. The blocks are ordered in time.
• The consensus protocol, by which members of the community can agree as to what is "really" in the ledger.
• Digital currency, Bitcoin, that acts as the reward for the individuals willing to do the work (run computers and pay for the electricity etc).

The ledger is a series of blocks. The first entry of each block is the cryptographic hash of the previous block. This makes it impossible to go back in time and change previous blocks without it being obvious. A cryptographic hash is a "one-way function" that is easy to compute but where there is no known way to reverse it and generate a block that hashes to a particular value. The unique aspect of the Bitcoin blockchain is that some additional bits needed to be added (called a nonce) and there is no way to discover the correct bits other than brute force. You can probably already get a hint as to why GPUs are attractive since they are very good at this sort of brute force repetitive execution of calculations. The people doing these brute force calculations to validate the blockchain and earn rewards are known as miners. This is an analogy with a gold-backed currency, where the amount of gold in the world is assumed (in the short term) to be fixed, but there are people deep underground slowly digging up comparatively small amounts of new gold.

I won't go into the details of the consensus protocol since it is beyond the scope of a blog post like this. It happens to be part of what I did my Ph.D. on since distributed file systems also have things on which they have to agree if they are to implement atomic transactions. If you withdraw money from one bank account and deposit it in another, it is really important that either both those things happen or neither of them. I happened to write a white paper for Google a few years ago about the database underlying Google App Engine, and I pointed out there just how strong a guarantee like this has to be. It is not some sort of best-effort guarantee. It remains true even if one of Google's datacenters is permanently and completely destroyed: either all the updates in the transaction take place, or none of them do. The blockchain under Bitcoin has to be like that; otherwise, money can be created or lost.

The reason for the aforementioned miners to do the work is that the first transaction of each block is an allocation of digital currency to the first miner to get the right answer for the previous block. Other miners then need to accept this block as quickly as possible and start working on the next bock to try and get the next payment. With Bitcoin, the payment changes over time, halving every so often as more coins are mined so that it becomes harder and harder to earn the reward. Eventually, all 21M bitcoins will have been mined. I'm not sure how the incentive scheme works after that.

One challenge with this approach is whether it will scale. There are a few hundred thousand transactions per day on the Bitcoin blockchain, compared to a similar number of credit card transactions...per second. Blocks are verified at less than ten per second (there is more than one transaction per block but not a large number).

You may also have heard that the amount of energy consumed in the consensus mechanism is very high, at the level of a big city or a small country. The use of specialized ASICs has reduced this somewhat but at the expense of introducing potential points of failure—are you sure that chip does only what it is meant to do? The amount of silicon being used (largely in China and Iceland due to cheap electricity) to construct high-performance miners is big enough to merit a mention in TSMC earnings calls, and when the price of Bitcoin dropped below the cost of the electricity required, that business went away leaving a revenue hole. If this sounds unlikely, this page lists about 30 different ASIC chips developed for Bitcoin mining.

The Gold Rush

I recently wrote about the crypto gold rush, venture capitalists piling in to fund companies based on blockchain, regarding the technology as equivalent importance to the original invention of the internet. For that, see my post Will Crypto Change the World?

Trust

Bitcoin and the blockchain are trustless only in the sense that it doesn't require a centralized trusted organization such as a central bank. However, you have to trust something, that the software and silicon is correctly implemented, that the hash functions truly are non-reversible, that nobody has managed to corner the market and control 51% of all the miners, and so on.

If you want to see a very skeptical position on blockchain in general, by my go-to-guy for security Bruce Schneier, I recommend his piece in Wired earlier this month There's No Good Reason to Trust Blockchain Technology. As he points out in his opening paragraph:

Yes, bitcoin eliminates certain trusted intermediaries that are inherent in other payment systems like credit cards. But you still have to trust bitcoin—and everything about it.

Later, he points out where the trust has moved:

What blockchain does is shift some of the trust in people and institutions to trust in technology. You need to trust the cryptography, the protocols, the software, the computers and the network. And you need to trust them absolutely, because they’re often single points of failure.

Every few weeks you hear about some failure, not of the cryptography itself, but the surrounding ecosystem. Bitcoins are stolen, someone dies with the only password. Mt Gox famously lost hundreds of millions. Steve Wozniak, uber-nerd, was scammed out of $70K.

Here's a flowchart from the paper Do You Even Need a Blockchain? for deciding whether to use Blockchain for a particular application:

But Vint Cerf, one of the founders of the internet and a Turing Award winner is more skeptical, tweeting out his simple flowchart on whether or not to use blockchain:I'll give Bruce Schneier the last word:

A system where you can lose your life savings if you forget your key or download a piece of malware is not particularly trustworthy.

Learn More

There is a ton of information about Bitcoin and blockchain, far more than I can give useful links to here. But the original Satoshi white paper is Bitcoin: A Peer-to-Peer Electronic Cash System. NIST did an analysis of Bitcoin in October last year, published as the innocuously named Bitcoin Technology Overview. It is 70 pages long, so not a quick read.

Sign up for Sunday Brunch, the weekly Breakfast Bytes email.