Topic: Do payment verification grow increasingly more complex? (Read 1633 times)

No.  A bitcoin address is not a model for a bank account.  A bitcoin address is a model for an invoice number.  It allows you to know who paid you, when they paid you, how much they paid you, and what they were paying you for.  As such, just like you would have a unique invoice number for every payment that you receive, you would want a unique address for every payment that you receive.

If you are running your own wallet, then your "account" is your wallet (unless you set up separate accounts in the wallet).  You can receive many payments for many addresses all into the same wallet.  The people paying you don't need to know anything about your other wallet addresses, they just need to know which address they should pay.

Yes, that was how it worked in the initial versions of Bitcoin, and a lot of people still use "key" and "address" interchangeably - it's a habit that's hard to break.  

But a key is not an address, either.  

Starting with (I think) version 0.09 Bitcoin's standard client has been making all new txOuts have different keys.  Even when they get paid to the same address.  This is one of the reasons why Bitcoin now recognizes two different address formats; the new ones interact with some new algorithms to derive unique keys.  So payments sent to one of the new addresses, wind up having different keys.  No one looking at the block chain can tell they were paid to the same address, unless they know the private key for that address.  

This helps, but it doesn't give perfect privacy.  Snoops looking at the block chain  can usually identify txOuts that were held in the same wallet, as soon as they are spent.  This happens because when you make a payment from a wallet, it selects one, or some combination, of txOuts from all the addresses and keys it knows about, and snoops can identify wallets from watching which payments get combined.  

And even with this change to help preserve some privacy, someone can still send coins directly to one of the keys generated from the new-style addresses, resulting again in the possibility of multiple txOuts on the same key in the block chain.  

But isn't that what should be expected, at least in a functional market? If you are trading goods or services you do normally operate with one bank account for all payments. I suppose for the case of bitcoin it would be natural to have one one address for many payments.

Not quite correct but close.

A txOut is not an address.  "Normal" transactions create one txOut per address, but if the same address gets a lot of different payments from different transactions, then there can be 30 BTC at that address all split up among hundreds of different txOuts.  This is discouraged, by the way; it's bad for everyone's privacy and considered rude.

But it used to be very common.  Change from a transaction would often go back to the same address/key that an input for the transaction came from, and certain online casinos would take a single address for a player and send all winnings there.  Modern clients don't do this by default, but they can still be commanded to send coins to an old address.  And for a long time some asshat was going up and down the block chain sending one-satoshi outputs to random old addresses, for reasons I'd rather not go into right now.

So let's say someone did a lot of *successful* online gambling way back in the way back when all the bitcoin casinos were paying all winnings to the same account for a particular winner.  She's got that 30 BTC split up among hundreds of different txOuts.

Then when she spends 10 BTC (getting a new gaming computer maybe) her client is going to look at all the available unspent txOuts and assemble a transaction using, maybe, 50 to 90 of them.   She'll go slightly over the target amount and get change returned to her in another txOut and for any current software, the change will be at a different key/address.  But the unspent txOuts will still be sitting there at the original address. 

Correct

So the UTXO grows if more Bitcoins are spread out in more addresses? Imagining that all Bitcoin holders were asked to consolidate their Bitcoins in one address will the UTXO db size decrease? (of course, this is merely an hypothetical question, using only one address reduces anonymity)

Yes.
UTXO db is in fact the state of the blockchain, at a specific block in time.

In theory the number of UTXOs doesn't need to grow.
I'm sure there were periods of time when it was actually decreasing.

It has mostly been growing during some kind of attacks on the network, like the recent ones when someone was trying to inflate the mining fees, to prove whatever crazy point he had.

Unfortunately (transaction fee wise) creating new utxo records is very cheap and I haven't heard yet of any ideas to make it more expensive, so the odds are that the UTXO db will be growing.



You can get the numbers yourself.
There is an RPC command in the recent bitcoin core that shows you number of unspent outputs*. Don't remember it's name, but you should be able to easily find it.
Run the command while downloading the block chain (preferably from scratch) to observe the number of records around a specific block height.

At block #411453 you have:

---

EDIT:
* - the command is gettxoutsetinfo. It gives output like this:

Yes, Blockchain grows every day, and thus checking the whole Blockchain takes increasingly more and more time.

But, participants are not expected to check the whole Blockchain. Instead, participants only "catch up", in other words,

they simply verify the block mined since the last validation. If participant connects to the network from time to time, the

complexity does not grow but stays manageable.



The number you are looking for is the number of transactions. The more transactions in a given period, the more time it takes to verify them.

https://blockchain.info/charts/n-transactions

So utxo db can be assembled from, or verified by the blockchain then? I would like to see how the number of utxo grows with the accumulated no of transactions. If it is linear or different. Where can I find those numbers?

in general it does not become more complex to process a single transaction, but...

the problem is in (so called) unspent-outputs database (or UTXO-db).
number of records inside this db has been increasing and we can expect it to still increase in a future.
currently it contains almost 40 million unspent outputs, from over 10 million transactions.

as the database grows bigger, you might consider that it becomes more complex to query its records.
and querying records of UTXO database is part of the process of verifying new transactions.

This doesn't happen, full nodes only need to know if the transaction input in question exists and is unspent.

Full nodes maintain a database of all unspent outputs. So they don't need to look up transactions on the actual blockchain, they just query a database.

As I have understood, payment verification by full nodes tracks every satoshi in the transaction back to the block where it first was created. I would expect that the different satoshis in the transaction will branch back to many different creation blocks. And that this branching will grow with time, hence making payment verification increasingly complex (costly). However, since I never seen this raised as an issue, I expect my understanding of PV is incorrect. Anybody to enlighten me on this?