Press enter or click to view image in full size

Lesson #2

A clear breakdown of the cryptography behind blockchain: hashing, signatures, PoW, UTXO and smart contracts explained with precision.

Blockchain security doesn’t come from firewalls or administrative passwords. It comes from mathematics. Every transaction, block, and wallet is protected by cryptographic primitives designed to make tampering computationally impossible. If blockchain works, it’s because the math leaves no room for shortcuts.

In this article we break down the engine behind distributed trust: hashing, digital signatures, block structure, consensus, the UTXO model, and the shift toward programmable chains. It’s the most important layer to understand — the layer that makes everything above it possible.

1. Hash functions: integrity at the core

At the heart of Bitcoin — and many other blockchains — lies SHA-256, a cryptographic hash function developed by the NSA.
It takes any input, from a single character to an encyclopedia, and produces a fixed 256-bit output.

For a blockchain to function, this hash must satisfy four non-negotiable properties.

Pre-image resistance

Given H(x), finding x should be infeasible.
There’s no inverse function — only brute-force attempts.

Determinism

Same input → same hash.
This allows independent nodes to verify data consistently.

Collision resistance

Finding two different inputs with the same hash is so unlikely that, for all practical purposes, it’s impossible.

Avalanche effect

A one-bit change creates a completely different output.
That’s why mining is fair: every attempt is entirely new.

Concrete example:

• Hello World → a830d7be…f0899
• Hello Wxrld → d2a1f935…c9c94

No pattern. No correlation.
Pure unpredictability.

2. Digital signatures: trust without intermediaries

If hashing protects integrity, digital signatures protect ownership.

Bitcoin uses ECDSA over the curve secp256k1:

• Private key: a 256-bit random number.
• Public key: derived mathematically, but not reversible.

Alice signs a transaction with her private key; anyone can verify the signature using her public key without learning the private one.
This is the cryptographic equivalent of a notarized signature — but global, permissionless, and automated.

3. Inside a block: the data architecture

Understanding blockchain immutability requires looking inside a Bitcoin block.

3.1 The Block Header (80 bytes)

This tiny structure is what miners hash billions of times per second. It contains:

• Version — protocol version.
• Previous Block Hash — the cryptographic link to history.
• Merkle Root — the digest of all transactions in the block.
• Timestamp — Unix time.
• Bits — current difficulty.
• Nonce — the variable miners iterate over.

Change a single transaction in block #100 and its hash changes.
That invalidates the hash stored in block #101.
The chain breaks.
This is immutability as a mathematical consequence, not a promise.

3.2 Merkle Trees and SPV

Transactions are hashed in pairs, re-hashed upward until one root remains: the Merkle Root.

This structure enables SPV (Simplified Payment Verification).
A mobile wallet doesn’t need the entire blockchain — just the block header and a short Merkle proof.
Fast, light, secure.

4. Consensus: from Byzantine generals to Proof of Work

The blockchain solves a classic distributed-systems challenge: how to reach agreement among nodes that don’t trust one another.

4.1 Proof of Work (PoW)

To propose a valid block, miners must solve a computational puzzle:

SHA256(SHA256(Header)) < Target

There’s no analytical solution.
Just trial and error, at scale.

Why it works

• Cost of lying: rewriting history requires recalculating PoW for that block and all that follow.
• Longest chain rule: the chain with the most accumulated work wins.
  Honest miners, with the majority of computing power, extend their chain faster.

4.2 The 51% attack

If someone controls over half of global hashrate, they can secretly mine an alternative chain and overwrite recent transactions (double-spend).
For a network the size of Bitcoin, the hardware and energy cost makes this economically irrational.

5. The UTXO model: how Bitcoin represents value

Bitcoin doesn’t maintain balances like a bank.
It tracks UTXO — unspent outputs.

When Alice sends 1 BTC to Bob:

• She consumes old UTXOs (e.g., 0.8 + 0.4 BTC).
• The transaction creates new UTXOs:
• 1 BTC for Bob
• change back to Alice

Once spent, old UTXOs disappear forever.
The blockchain is simply a ledger of which outputs remain spendable.

5.1 Scripting: spending conditions

Bitcoin uses a stack-based, non-Turing-complete scripting language.

A typical P2PKH transaction works like this:

• ScriptPubKey: defines the spending condition (“signature matching this public-key hash”).
• ScriptSig: provides public key + signature.

Nodes validate by executing the script.
Minimal logic, maximal security.

6. Ethereum and smart contracts: programmable value

Bitcoin maximizes robustness. Ethereum maximizes programmability.

6.1 The EVM is Turing-complete

It can run loops and complex logic.
This enables smart contracts — programs that live on the blockchain and execute deterministically.

6.2 The account model

Ethereum uses an account/balance model instead of UTXOs.
Each account stores its own state, which simplifies application logic for DEXs, lending systems, DAOs, and more.

Conclusion: trust redefined through mathematics

Blockchain isn’t revolutionary because it removes banks.
It’s revolutionary because it replaces institutional trust with verifiable computation.

SHA-256, elliptic curves, PoW, Merkle trees, UTXOs — these are not optional details.
They are the pillars that make decentralized systems possible.

Bitcoin remains the gold standard of security.
Ethereum opens the door to programmable finance.
And the future likely belongs to an ecosystem where value and logic coexist across interoperable layers.

FAQ

1. Why is SHA-256 considered secure?

Because it resists pre-image attacks, collisions, and shows strong avalanche behavior.

2. Can ECDSA signatures be forged?

Only if the private key is compromised. With 256-bit keys, brute-forcing is not feasible.

3. Why does PoW consume so much energy?

By design: making attacks expensive protects the network.

4. How do UTXOs improve security?

They make validation straightforward and reduce ambiguity in transaction states.

5. Will Ethereum replace Bitcoin?

No. Bitcoin maximizes security; Ethereum maximizes programmability. They serve different roles.

p.s
In recent years, I’ve closely followed the evolution of blockchain — from Bitcoin’s early Proof of Work to today’s broader applications. With this series of articles, I aim to clarify the core concepts behind blockchain, consensus, smart contracts, NFTs, and more, transforming them into solid teaching materials for my upcoming course. We’ll also work through practical exercises during the lessons, which I’ll document with dedicated, easy-to-access content.