People writing about blockchain technology are usually proponents or boosters of the technology, or at least “neutral parties.” This means that they engage in “technological realism,” in which they describe the tech without contextualizing why it is the way it is and what it’s really for.

Meanwhile, people writing critically about the crypto space often lack any technical grounding on how the whole thing works. I really recommend Stephen Diehl’s blog for a more technical person writing sensibly about this stuff; but Stephen hasn’t written a technical summary aimed at laypeople.

The goal of this article is to explain how blockchains actually work without resorting to metaphors or handwaving. I’m going to skip over details, obviously, and I’m not going to get into the mathematical or computational nitty-gritty of how this stuff works; but the goal is to give people a conceptual overview.

This post only goes as far as explaining Bitcoin and cryptocurrencies; NFTs, smart contracts, and other more recent developments of the technology are left for a future post, since this is already very long.

To explain the underlying technology, I’m going to use the example of building a digital currency system. Blockchains are not only touted as being a solution in that case, of course. But it is the original, big use case that brought them into the mainstream and seems to have popularized the term “blockchain.”

Now, we already have a fully functioning global digital currency system; you interact with this system every time you make a purchase with a credit or a debit card, or you send someone a wire transfer via your bank. Parts of this system have been in place since the sixties and seventies. I’m going to use “the banking system”, broadly, as an example of how “digital money” has traditionally been solved already. Because Bitcoin and other blockchains don’t solve for “digital money,” broadly, but rather for a very specific conception of how digital money should work.

First things first: We all understand (I hope) that when you swipe a credit card or make a wire transfer, no actual physical cash moves anywhere. I think a lot of people understand the digital money in their conventional bank accounts as just “a number” your bank holds somewhere, but that’s not all it is. Banks store a history of transactions stretching back to the very beginning of your account. Your balance is just the sum of all transactions.

A registry of transactions is a ledger, and banking is really the storing of ledgers. This has pretty much always been the case — even before computerization, banks didn’t really store large vaults full of money; rather, they kept ledgers, and most “money” in circulation really existed as transactions on those ledgers. This is as old as banking itself, and historically banks have only held a fraction of their outstanding deposits as actual cash on hand.

Both the traditional banking system and cryptocurrencies are ledgers; in spite of being called “Bitcoin” and not “Bitledger”, individual bitcoins are not objects in their own right that can be exchanged between two parties without anyone else’s participation, they are the sum of transactions held on a ledger.

There are two problems that must be solved to have a functioning bank ledger:

  • Authentication; that is, knowing that a transaction was initiated by the holder of the corresponding account, and not some random other actor;
  • Validation; that is, only accepting transactions when there actually is sufficient balance in an account.

A ledger system (be it a bank or the decentralized network of a cryptocurrency) must be able to take in transactions and reject them either for bad authentication (“that’s the wrong PIN”) or for being invalid (“your card is maxed out and was declined.”).

In conventional online banking, authentication is solved with conventional authentication factors — your credit card’s number, PIN, security code, expiration date, etcetera. A lot of banks will also ask for extra authentication or block transactions if they think they are “suspicious.” Authentication factors can be relatively easy to steal or falsify, but there is also a second layer of security: Transactions can be rolled back. So, if the automated systems of authentication fail, your bank’s fraud prevention department, and ultimately the court system, are also part of the security model.

Validation is easily solved: your bank acts as a trusted third party that validates transactions. Your bank will accept or decline any given transaction based on whether it comes with the right authentication factors and on whether you have outstanding balance.

Bitcoin, and subsequent cryptocurrencies, add two extra requirements. Those requirements are, I should say, pretty much just ideological in nature; there’s no security advantage to them for most people. In fact, they remove the possibility of rolling back transactions, which makes cryptocurrencies substantially less secure for average people. But they conform the the ideological beliefs of Bitcoin’s original designers, and so they are taken as a given:

  • “Trustless”: The system must operate without need for a trusted third party — you should be able to still rely on the system even if you assume that some of the other participants are bad actors.
  • “Permissionless”: There are no privileged parties at all; anyone can create or validate transactions, and no participant in the system has any kind of special status.

Now, “trustlessness” here is in a very technical sense. It specifically means that there is no “trusted third party” needed at any point in the process, and that when someone sends you money, you can verify that they actually did and you don’t have to take their word for it.

That’s it, though. The system (obviously) can’t verify that a merchant actually sent you the physical goods they promised to send you in the real world. In reality, the cryptocurrency security model requires more trust on the part of a user. With a credit card, I can go on Etsy and buy all manner of regretful tat; if one of the sellers is a scammer and never sends me the goods, or sends me something that in no way resembles the item listed, I can get the transactions rolled back. With cryptocurrency, my only resort is maybe to try and sue the seller, assuming I can find them.

With these two added challenges of “trustlessness” and “permissionlessness” in mind, let’s go over how Bitcoin (and its descendants) go about solving the twin problems of authentication and validation.

Authentication

Authenticating a transaction is still fairly straightforward. Like most secure systems online — including your bank’s own phone app and the HTTPS connection you are reading this very website over — cryptocurrencies use asymmetric key cryptography.

In asymmetric key cryptography, each party generates two cryptographic keys; a public key, and a private key. To send someone a secret message, you use their public key to encrypt your message — which can then only be decoded by using the corresponding private key. As long as the private key remains secret, you could send your encrypted message through an unsecured channel, and nobody would be able to read its contents.

The counterpoint to encrypting with a public key is signing with a private key. You can use your private key to sign a message; anyone who has your public key can then verify that signature, proving mathematically that:

  • Whoever signed the message had access to the corresponding private key;
  • The message was not altered or tampered with, as doing so would require changing the signature

Unlike with a regular signature, you can’t copy paste a digital signature onto a different message — each message requires a unique signature that verifies only that specific message.

In cryptocurrencies, this is used to solve the problem of authentication. Every account — an “address” in bitcoin terminology — is essentially just a private key with an associated identity. To create a transaction, you write a message with a special format, sign it using your key, and broadcast it to all the computers that are participating in the same cryptocurrency network.

By verifying that signature, those computers can verify that it’s really you creating the transaction, and that the contents of the transaction haven’t been tampered with. Or, at least, they can verify that someone with access to that particular key sent the message. Bitcoin addresses are secured through a single authentication factor — the private key — and that single factor is easily lost or stolen. As there is no redundant second layer of defense — no fraud protection department for the blockchain! — if you lose your private key, you lose all the money in that address, period.

Typically, a crypto user will make use of several different addresses. Software that stores the private keys to one or more addresses is known as a “wallet.” A wallet can be “hot” (on a device connected to the internet) or “cold” (stored offline — including just printing the private key on paper and storing that).

“Physical bitcoins” that you might have heard of are just cold wallets in a fancy substrate, such as printed underneath a peel-off foil sticker on a gold coin. Of course, if you get paid with a physical bitcoin, there’s absolutely no guarantee that, for example, the company that “minted” those fancy gold coins didn’t just keep all the private keys stored on a server somewhere, where they could be stolen.

Validation

Validation is where things get complicated.

First, in order for the system to be trustless and permissionless, validation must happen entirely in the open. So, transaction history must be entirely public, and shared by all users of the system. While cryptocurrencies offer anonymity (nobody knows who you are, as you’re just using an anonymous cryptographic key as an identity) it does not offer privacy (people can see everything you’re doing). There are ways of getting around that, but they’re outside the scope of this article.

Second, for validation to actually work, there must be a mechanism for consensus. Otherwise, you can’t actually trust in the system at all. Everyone in the network has to agree on which transactions were sent, and in what order, to be able to validate future transactions.

Otherwise, I’d be able to double-spend my coins — I could send Alice a message saying that I gave her $10, and send Bob another message saying I gave him the same $10. Even if Alice and Bob do talk to each other and identify the fraud, you need an algorithm that can determine which, if any, of those two transactions to consider valid.

Remember, this is a world without laws, judges, or trusted third parties. So the only way to solve this problem is through a rule that can be implemented by all participants and which leads to consistent results for all participants, even if some participants are malicious. The blockchain is (one) solution to this problem.

The one last piece of computer science needed to understand how it all actually works are cryptographic hash functions.

A hash function is a function that takes one piece of data (of arbitrary size) and spits out a “hash” of fixed size. You can put in a name, a file, the complete works of Shakespeare, anything — out you get a seemingly-random sequence of bytes. This is the hash, and it acts essentially as a unique “fingerprint” for a piece of data.

Hash functions are deterministic — if you give them the same data, they will always give you the same result. So, for example, they can be used to verify a file’s integrity.

Back in the day, when you posted some file on a forum, you might also post the file’s hash. That file could then be mirrored or shared through any shady file-sharing service; users who downloaded it could be confident that they had the original file, from the original Trusted Poster, by checking that the file they downloaded also had the same hash. Hashes are another very ordinary part of the cryptographic infrastructure that’s used everywhere on the internet.

Cryptographic hashes also have a few useful properties:

  • It’s not computationally feasible to start with a hash and work backwards to generate a corresponding file. This means that if two files have the same hash, they can be assumed to be the same file; a malicious actor can’t generate a fraudulent file with different contents but the same hash.
  • A small change to the original file will create a completely different hash — that is, hashes of similar files will appear entirely unrelated.

How the blockchain actually works

Okay - armed with an understanding of what this is originally for and the cryptographic building blocks it’s made out of, we can go into the question of how it actually works.

We have our ledger of transactions, and everyone keeps their own copy of that ledger; so, the problem of consensus is the problem of keeping everyone’s ledgers in sync, having everyone agree on the “canonical” version of the ledger.

To accomplish this, we process transactions and add them to the ledger in batches — or “blocks.” A “block” is just a section of the ledger, containing a pile of transactions. Each block references the preceding block through its cryptographic hash, going back all the way to the original “genesis block.”

That’s why it’s called a “blockchain” — each block references its “parent” block, and is referenced by its “child” blocks in turn.

An important feature of this is that it’s impossible to go back and make changes to an old block. If you change one block, you change its hash. That hash needs to be included in the next block — so, changing that hash would also change the subsequent block, and so on unto infinity. So, to change one block, you would have to then change every subsequent block.

This doesn’t quite get us there, though. To achieve the permissionless and trustless dream, there has to be some distributed way to get everyone to agree on what the next block is. Bitcoin, and subsequent blockchains like Ethereum, do this via a lottery; they give one specific computer on the network the privilege to generate each block on the chain. Thus, even though there are thousands of computers on the network, only one is the “winner” each block and gets to generate a canonical block and add it to the chain.

Bitcoin and other cryptocurrencies use the metaphor of “mining” to describe this process, but that metaphor obscures what is really going on. A bitcoin “miner” is essentially processing transactions — authenticating and validating messages sent by the other computers on the network, rolling them up into a block, and adding that block to the blockchain. For doing this, miners are given a “mining reward” — they get to create new bitcoins out of thin air and add them to their accounts. They also get to charge everyone else a transaction fee.

When you create a bitcoin transaction, you can specify a transaction fee; this is voluntary, like a tip, except that miners are free to pick and choose which transactions they include into a block. Obviously, they will pick the transactions with the highest fees. So, in practice, users are participating in a constant auction to bid on transaction processing.

The way the system picks a winning “miner” to generate the next block is known as proof-of-work. In Bitcoin and descendant systems, this is pretty simple. A block is only valid if its hash ends in long string of zeros.

To achieve this, a random number is added to the block’s header, called a “nonce.” To mine, a computer composes a block of different transactions and hashes it. If the hash is “valid” — if it ends with all those trailing zeroes — then that’s a winning block and the miner gets to broadcast it to the rest of the network. Otherwise, the miner changes the nonce and tries again.

There is no known way to generate a message that gives a specific hash, so the only way to do this is by brute force — trying different nonces until you get a valid hash.

This solves the double-spending problem; transactions are only really valid once they are part of the blockchain, and the computational cost of generating a valid block is very, very high. If I try to broadcast two conflicting transactions — “Send $10 to Alice” and “Send $10 to Bob” at the same time, when I only have $10 in my account — each miner would simply only include the first message they heard in the block they were trying to mine. If they included both, the block wouldn’t be valid as it would contain an invalid transaction, so miners perform transaction validation as part of the process of mining.

Whichever transaction actually went through would be up to chance, based on which miners heard which message first, and who actually got to mine that into a block based on the “hash lottery” that is mining.

Of course, it is possible for two miners to generate two different, but equally valid, blocks at roughly the same time. In real-world blockchains like bitcoin this happens all the time, and is known as “forking.” The system deals with this by having everyone keep both “branches” of the blockchain, and waiting to get some more blocks; whichever fork is longest is considered the “canonical” one.

Because of this, miners quickly converge on mining the same chain, as it’s pointless to keep mining a block on a fork of the chain that’s already been overtaken by another. Effectively, transactions are never truly “verified” on the blockchain, but after they are buried a few blocks deep it’s prohibitively expensive to try and alter them, and they can be considered “done” in practice. Depending on the amount of money you’re dealing with, you may wait for more or fewer blocks before accepting the transaction as finished.

This is a lot to take in, I know. But let me move on to:

The Consequences

First, proof-of-work is why Bitcoin and Ethereum are such colossal wastes of energy. Mining is a financially incentivized activity, and a competitive one at that; if you can put more energy towards mining, you are more likely to find valid blocks, and thus to make money.

Almost all mining is done by “mining pools” of thousands of computers which share the computational burden and the rewards; otherwise, it’d be impossible to get consistent returns from mining, as you might very well run out of money to pay for electricity before one of your hash lotto tickets “won.” Mining pools generate their returns pretty much proportionally to the share of total mining power they control. The entire system is more or less designed to let its power consumption and hardware needs spiral out of control.

Keep in mind that this energy is not being spent, really, on validating transactions, even though this is effectively the role of miners in the ecosystem. Rather, the energy is being spent maintaining that “permissionless” consensus. Accepting the existence of trusted third parties — aka, banks — immediately removes the need for proof of work, or any of this nonsense.

Of course, the idea that no party in the system has a special status is also ultimately false. Bitcoin and other major cryptocurrencies are dominated by small numbers of large mining pools. In reality, just like how you have to deal with the banks because they are an entrenched part of the financial system, you have to deal with the big crypto mining pools and exchanges because they are an entrenched part of the crypto system — only with much less regulation.

A big part of coiner logic is the idea that “code is law” but that comes with an unstated blind spot — anything that isn’t directly encoded in a codebase can be ignored and is “not real” to these people. Hence, even though social and economic forces make power in the Bitcoin ecosystem extremely concentrated, it is possible for them to believe it’s all “decentralized.”

Second, this is also why transactions take forever to process. Bitcoin is designed so that one block is mined every ten minutes or so. If mining is going too fast, the protocol will actually slow itself down by lowering the odds that a given block is valid.

And you can only be reasonably certain that a transaction is truly valid after it’s a few blocks deep in the chain, too. So at a baseline, a bitcoin transaction can only really be validated after 30 minutes to an hour, depending on your risk tolerance.

Beyond that, Bitcoin blocks have a finite maximum size, meaning that the throughput of how many transactions can be transacted is essentially capped.

In practice, the Bitcoin blockchain has, for years, been dead as a system for making financial transactions at the scale of individual users. Almost all of the “bitcoin economy” now happens within exchanges that operate essentially just like banks — they act as trusted third parties, verify transactions, and maintain their own ledgers. Those exchanges then use the blockchain to transact between each other, shifting large volumes of bitcoins around much like how real banks will settle their accounts between each other overnight.

There are various “layer two” solutions that build little small blockchains on top of a big blockchain that allow for faster transactions, but those are a conversation for another day. Spoiler, though: they largely don’t work.

That’s it, though. If you made it this far: Congratulations, you understand blockchain technology! Or you might, anyway. Part of why this stuff is hard to understand is that it doesn’t really stem from an actual logic most people can see; the motivations behind why the system is the way it is are ideological, not technical, and so the whole thing is conceptually slippery.

This is definitely an incomplete summary — I didn’t get into NFTs, for example, or smart contracts. I also didn’t dive deep into the ideological underpinnings of the whole movement, beyond pointing out that they exist. But this post is already long enough. If you have comments, well — if you’re someone I care to hear from, you probably know where to find me.