Topic: Teach me bitcoin! (Read 938 times)

In the future, you may find the Wiki to be a very helpful resource.  Much of what I know, I learned there:

Bitcoin Addresses
Address Technical Info
Private Keys
Transaction
Fees
Scripts
Change
WIF
Protocol

Before you bother reading ANY of that, you Really really should read through the Satoshi Whitepaper.  It isn't very long, and the technical stuff really isn't too complex and can be skipped over for the most part if it is confusing.

Satoshi whitepaper

I read a lot but some documents are confusing, so i decided to open a thread for better explanation. Otherwise, i don't even like posting.

I've repeated most of these answers a few hundred times by now.  New members don't bother to read stickies, or FAQs, or Wikis, or do much searching.

I guess it's just easier to create a list of questions and then hope for people to come along and repeat the usual answers.

I would make a nice FAQ sticky

Thanks for your answers. I hope these answers will be a guide to new members (:

Not to butt in... But what great answers, and what an awesome community we have!! 

It depends on which wallet/client you import the private key into.

If you import the private key into Bitcoin-Qt, and then spend some of the bitcoins, Bitcoin-Qt will probably create a new change address and send some of your bitcoins to this change address.  If you then delete the bitcoin-qt wallet without first creating a new paper wallet and sending the entire remaining balance to the new paper wallet, then you will probably permanently lose those bitcoins that the bitcoin-qt wallet sent to the change address.

Hey there, welcome to the forums

I'm using blockchain.info wallet for now, but in the future I'd like to keep my private key on a paper. So, i will not have a change address. I'll import my private key to client, and delete wallet when i'm done. Will i lose my changes?

Great, that explanation helped me quite a lot. Thank you

Yes.  In the case of bitcoin, a public key is a 256 bit value that is calculated with ECDSA  over the Secp256k1 elliptical curve.  There is no hashing involved at all in the generation of a public key.  The public key is generally unknown to the average user.  However, the public key is necessary to validate a signature.  The bitcoin address is a 160 bit RIPEMD-160 hash of a SHA256 hash of the public key.  The bitcoin address also has a version number in front, and a 4 byte calculated checksum appended on the end to protect the user from any typo.

When you spend previously received bitcoins, your wallet doesn't ONLY supply the signature in the transaction.  It also supplies, in the input script, the public key associated with the address that is associated with the input being spent.  The network can then verify that the public key is correct by generating the address from the public key and verifying that the resulting address is the same as the one that is associated with the input.  Once the public key is validated, it can be used to validate the signature.

This means that if you only ever receive bitcoins at an address and never send any of those bitcoins anywhere, then they are protected by 3 algorithms (RIPEMD-160, SHA256, & ECDSA).  Once you create a transaction to spend bitcoins that were sent to an address, any other bitcoins that are associated with that address (at that time or in the future) are only protected by ECDSA (since the public key is now permanently in the blockchain with the transaction where the bitcoins where spent).  This is one of several reasons why some people say it is safest to use a new bitcoin address for EVERY transaction, and never re-use an address that you've used in the past.

Thanks for correcting me,
I guess I simplify too much for any deep technical analysis xD

Didn't realize there is a difference between public key and address.

For the average user there is really only one type of address in bitcoin.  It's generally called a "bitcoin address".  Technically you could probably think of a multi-sig address as a different type of bitcoin address, but I don't think this is what you meant.

There are two types of keys, public keys and private keys.  Keys are not addresses, and addresses are not keys, but all three (private key, public key, and bitcoin address) are mathematically related.  It is generally safe to assume that each private key has exactly one associated public key (we'll ignore the concept of compressed keys for the moment), and that each public key has exactly one associated private key.  If you know the private key it is possible to calculate the public key, and if you know the public key it is possible to calculate the bitcoin address.  None of those calculations are possible in the reverse direction.  If you know the bitcoin address it is not possible to calculate either the public key or the private key.  If you know the public key it is not generally possible to calculate the private key.  An exception to that would be if you have multiple signatures from the same private key and know the random data that was chosen by the signing algorithm.  This exception should not be possible unless the algorithm used for generating random data is flawed and predictable.


Possibly, depending on which wallet/client you are using.

This is incorrect.  The average user never sees a public key in bitcoin.  What you give out to receive bitcoins is a bitcoin address which is typically a RIPEMD-160 hash of a SHA256 hash of a public key with a version number in front and a calculated checksum appended onto the end.


It might be more accurate to say:
input = what you send
output = where you send it


This depends on whether you are:

• looking at a raw transaction and trying to determine what the fee is in the transaction (in which case you have to calculate it)
• manually building raw transactions (in which case you'll want to calculate the minimum fee required to be sure the transaction will propogate)
• using a wallet/client that handles the technical details for you (in which case you don't need to calculate the fee, the wallet/client will take care of it)

No.


Input is a previously unspent output.  Output is a newly created unspent output.
Inputs provide value to a transaction.  Outputs encumber that value with requirements that must be met to use the output as an input in some other transaction.


Spent output is an output that has been used as an input in another transaction.
Unspent output is an output that has not yet been used as an input in another transaction.


BIP = Bitcoin Improvement Proposal
WIF = Wallet Import Format (a specific way of representing a private key)
I'm not sure what WIP is?


Any value that has been provided to a transaction (the sum of the inputs) that is not specifically accounted for in the sum of the outputs of the transaction are available to be claimed by the miner that includes the transaction in the block that they mine.  If the total of your inputs exceeds the total of your outputs and you don't want to pay the excess as a fee to the bitcoin mining network, then you need to create an output that encumbers that value with a requirement.  The typical requirement that bitcoin uses is a requirement to supply a signature from the private key that is associated with a particular bitcoin address.  Common usage of the phrase "send bitcoins to an address" refers to this signature encumbering.  As such the "change" address is an address for which you have the private key, and which you use in encumbering the value in the output.
 

It is the 256 bit result of a SHA256 function performed on the data contained in the transaction.  It is used as a unique identifier for the transaction.


What is going on is that:

• Various previously unspent outputs were each previously encumbered with requirements to provide signatures generated with private keys.
• One of those previously unspent outputs required a signature from the private key that is associated with the bitcoin address of 1AryzF6c6nsNKG6JuVsWkcDw6jieHCFgrX
• One of those previously unspent outputs required a signature from the private key that is associated with the bitcoin address of 161DLfuWYjVp9Uk2fSys3LBXxNcfsLdHs4
• One of those previously unspent outputs required a signature from the private key that is associated with the bitcoin address of 1JznECXSCkzEzM6g4TJsqvHA5RESTHoCjr
• The previously unspent output that required a signature from the private key associated with 1AryzF6c6nsNKG6JuVsWkcDw6jieHCFgrX provided a value of 0.03148932 as an input to the transaction
• The previously unspent output that required a signature from the private key associated with 161DLfuWYjVp9Uk2fSys3LBXxNcfsLdHs4 provided a value of 0.01952023 as an input to the transaction
• The previously unspent output that required a signature from the private key associated with 1JznECXSCkzEzM6g4TJsqvHA5RESTHoCjr provided a value of 0.03148573 as an input to the transaction
• The appropriate signatures for each of the inputs were provided to the transaction providing proof that the transaction has the authorization to reassign the total value of 0.08249528
• An output was created in the transaction to encumber a value of 0.06367873 with a requirement to provide a signature from the private key associated with the bitcoin address of 12CDvRT86CRVbq6E9U95QFenHKWizXDaHj in order to reassign that value
• An output was created in the transaction to encumber a value of 0.01831655 with a requirement to provide a signature from the private key associated with the bitcoin address of 1J7akepH41mtecZPVZjngVeq8tCyAa2mG in order to reassign that value
• The transaction left a value of 0.0005 unaccounted for (0.08249528 - (0.06367873 + 0.01831655 ) ) = 0.0005
• The miner (or mining poll) that added this transaction to the block that they were working on, and was successfully the first to solve the block, collected the excess unaccounted for 0.0005 BTC value as mining fees

I'm sure there was a lot more that is "going on".  I'm not sure what exactly you are looking for?


No.

0.05 in value was supplied in input from outputs that were previously sent to 1GzodRP...
Of that 0.05 in value, 0.01801427 was sent to 12CDvRT...  and 0.03148573 was sent to 12CDvRT...
It is impossible to be sure which (if either) of those 2 outputs are a "change" address.


No.

In that picture, the person who has the private key associated with the address of 12CDvRT... spent 4 separate previously received outputs providing a total value of 0.12268294 to the input side of the transaction.
That value of 0.12268294 was split up into 2 outputs with a value of 0.1 being "sent to" the 1GzodR... address and a value of 0.02218294 being sent as "change" back to the 12CDvRT... address as a new unspent output.
The remaining unaccounted for value of 0.0005 was claimed by the miner as fees.


Output script is the set of instructions that encumber the value with the requirements that must be met to "spend" the output.
Input script is how the transaction meets those requirements.


Sum the value associated with all the inputs.
Sum the value associated with all the outputs.
The difference between the two sums is the fee.


Use the createrawtransaction, signrawtransaction, and sendrawtransaction API calls in the Bitcoin-Qt "debug console".
Note, this is VERY Very very dangerous if you don't fully understand exactly what you are doing.
Very knowledgeable people who knew exactly what they were doing have been known to accidentally make a very small mistake while trying to create a "manual" transaction.  In some cases the  result was accidentally paying a significant sum of bitcoins to the wrong address.  In other cases the result was paying a significant sum of bitcoins as transaction fees.


You're welcome.

It would help if you could say what client you are using. Bitcoin-qt? online-wallet only? Electrum or Multibit?
I can answer some of your questions:


There are two types of addresses (also called key, but it's prefered to use the name key only for the private one): public and private
A public address is used to receive Bitcoins.
Every public address has a corresponding private address/key, which you need to spend the Bitcoins on that public address.


The amount of Bitcoins you receive in a transaction can only be sent as whole.
Imagine it like receiving a $20 bill, you can only spend it whole, but you will receive change back.
Most clients will automatically create a new address for this change, the change address.
It helps impoving anonymity.


One of the receivers is most likely a change address, but it is possible to send Bitcoins to multiple adresses in one transaction.


He didn't send Bitcoins 4 times, the transaction is just made out of 4 different smaller transaction, e.g. just like you have to pay with 4 x $1 coins to pay for $3.88.
You can manually choose whatever address you want as a change address.

www.bitcoinfees.com
the most common fee is 0.0001 Btc.

Public key = what you need to received btc.
Private key = what you need to send the btc associated with the public key.

input = what you receive.
output = when you send.

Change address: https://en.bitcoin.it/wiki/Change

You don't calculate the fee for a transaction. You include whatever you want. But depending on the size of the transaction some fees are recommended to process faster.

Hi, first of all english isn't my first language. Sorry for bad grammer.

I'm new at bitcoin world and i don't understand some stuff. I'm going to ask some questions and i'll be grateful if someone helps.

Is public key and bitcoin address same thing?
What is input and output? Why are they important?
What is spent and unspent output?
I saw "WIF", "WIP", "BIP" on the forum, i have no idea what they are?
What is "change address" and how do we get one? Why do we need one?
What is a "transaction hash" and what is the use of it?
In this image: http://puu.sh/4qagx.png 3 address sent bitcoins to 2 address. What's going on?
In this image: http://puu.sh/4qakA.png 1GzodRP... sent 0.05 BTC to 1JznEC... and 0.01801427 BTC sent back to first guy's change address (12CDvRT...), am i right?
In this picture: http://puu.sh/4qapy.png same address sent bitcoins to someone 4 times in 1 transaction, and change came back to him. How is that possible? or something else happend and i don't understand.
What is input script and output script, do we need them for anything?
How can we calculate the fee of transaction?
And last question for experts:
How can i create a manual transaction?

For now, that's it. Thanks for your help