In the blockchain, bitcoins are registered to bitcoin addresses. Creating a bitcoin address requires nothing more than picking a random valid private key and computing the corresponding bitcoin address. This computation can be done in a split second. But the reverse, computing the private key of a given bitcoin address, is mathematically unfeasible. Users can tell others or make public a bitcoin address without compromising its corresponding private key. Moreover, the number of valid private keys is so vast that it is extremely unlikely someone will compute a key-pair that is already in use and has funds. The vast number of valid private keys makes it unfeasible that brute force could be used to compromise a private key. To be able to spend their bitcoins, the owner must know the corresponding private key and digitally sign the transaction. The network verifies the signature using the public key; the private key is never revealed.[7]:ch. 5
^ Mooney, Chris; Mufson, Steven (19 December 2017). "Why the bitcoin craze is using up so much energy". The Washington Post. Archived from the original on 9 January 2018. Retrieved 11 January 2018. several experts told The Washington Post that bitcoin probably uses as much as 1 to 4 gigawatts, or billion watts, of electricity, roughly the output of one to three nuclear reactors.
As with other cryptocurrencies, the validity of each ether is provided by a blockchain, which is a continuously growing list of records, called blocks, which are linked and secured using cryptography.[30][31] By design, the blockchain is inherently resistant to modification of the data. It is an open, distributed ledger that records transactions between two parties efficiently and in a verifiable and permanent way.[32] Unlike Bitcoin, Ethereum operates using accounts and balances in a manner called state transitions. This does not rely upon unspent transaction outputs (UTXOs). State denotes the current balances of all accounts and extra data. State is not stored on the blockchain, it is stored in a separate Merkle Patricia tree. A cryptocurrency wallet stores the public and private "keys" or "addresses" which can be used to receive or spend ether. These can be generated through BIP 39 style mnemonics for a BIP 32 "HD Wallet". In Ethereum, this is unnecessary as it does not operate in a UTXO scheme. With the private key, it is possible to write in the blockchain, effectively making an ether transaction.

There is ongoing research on how to use formal verification to express and prove non-trivial properties. A Microsoft Research report noted that writing solid smart contracts can be extremely difficult in practice, using The DAO hack to illustrate this problem. The report discussed tools that Microsoft had developed for verifying contracts, and noted that a large-scale analysis of published contracts is likely to uncover widespread vulnerabilities. The report also stated that it is possible to verify the equivalence of a Solidity program and the EVM code.[41]


Network nodes can validate transactions, add them to their copy of the ledger, and then broadcast these ledger additions to other nodes. To achieve independent verification of the chain of ownership each network node stores its own copy of the blockchain.[76] About every 10 minutes, a new group of accepted transactions, called a block, is created, added to the blockchain, and quickly published to all nodes, without requiring central oversight. This allows bitcoin software to determine when a particular bitcoin was spent, which is needed to prevent double-spending. A conventional ledger records the transfers of actual bills or promissory notes that exist apart from it, but the blockchain is the only place that bitcoins can be said to exist in the form of unspent outputs of transactions.[7]:ch. 5

Despite bringing a number of benefits, decentralized applications aren’t faultless. Because smart contract code is written by humans, smart contracts are only as good as the people who write them. Code bugs or oversights can lead to unintended adverse actions being taken. If a mistake in the code gets exploited, there is no efficient way in which an attack or exploitation can be stopped other than obtaining a network consensus and rewriting the underlying code. This goes against the essence of the blockchain which is meant to be immutable. Also, any action taken by a central party raises serious questions about the decentralized nature of an application.


Physical wallets can also take the form of metal token coins[102] with a private key accessible under a security hologram in a recess struck on the reverse side.[103]:38 The security hologram self-destructs when removed from the token, showing that the private key has been accessed.[104] Originally, these tokens were struck in brass and other base metals, but later used precious metals as bitcoin grew in value and popularity.[103]:80 Coins with stored face value as high as ₿1000 have been struck in gold.[103]:102–104 The British Museum's coin collection includes four specimens from the earliest series[103]:83 of funded bitcoin tokens; one is currently on display in the museum's money gallery.[105] In 2013, a Utahn manufacturer of these tokens was ordered by the Financial Crimes Enforcement Network (FinCEN) to register as a money services business before producing any more funded bitcoin tokens.[102][103]:80
Homero Josh Garza, who founded the cryptocurrency startups GAW Miners and ZenMiner in 2014, acknowledged in a plea agreement that the companies were part of a pyramid scheme, and pleaded guilty to wire fraud in 2015. The U.S. Securities and Exchange Commission separately brought a civil enforcement action against Garza, who was eventually ordered to pay a judgment of $9.1 million plus $700,000 in interest. The SEC's complaint stated that Garza, through his companies, had fraudulently sold "investment contracts representing shares in the profits they claimed would be generated" from mining.[71]
To be accepted by the rest of the network, a new block must contain a proof-of-work (PoW).[75] The system used is based on Adam Back's 1997 anti-spam scheme, Hashcash.[85][4] The PoW requires miners to find a number called a nonce, such that when the block content is hashed along with the nonce, the result is numerically smaller than the network's difficulty target.[7]:ch. 8 This proof is easy for any node in the network to verify, but extremely time-consuming to generate, as for a secure cryptographic hash, miners must try many different nonce values (usually the sequence of tested values is the ascending natural numbers: 0, 1, 2, 3, ...[7]:ch. 8) before meeting the difficulty target.
The price of bitcoins has gone through cycles of appreciation and depreciation referred to by some as bubbles and busts.[159] In 2011, the value of one bitcoin rapidly rose from about US$0.30 to US$32 before returning to US$2.[160] In the latter half of 2012 and during the 2012–13 Cypriot financial crisis, the bitcoin price began to rise,[161] reaching a high of US$266 on 10 April 2013, before crashing to around US$50. On 29 November 2013, the cost of one bitcoin rose to a peak of US$1,242.[162] In 2014, the price fell sharply, and as of April remained depressed at little more than half 2013 prices. As of August 2014 it was under US$600.[163] During their time as bitcoin developers, Gavin Andresen[164] and Mike Hearn[165] warned that bubbles may occur.
Wallets and similar software technically handle all bitcoins as equivalent, establishing the basic level of fungibility. Researchers have pointed out that the history of each bitcoin is registered and publicly available in the blockchain ledger, and that some users may refuse to accept bitcoins coming from controversial transactions, which would harm bitcoin's fungibility.[123] For example, in 2012, Mt. Gox froze accounts of users who deposited bitcoins that were known to have just been stolen.[124]
Mining is a record-keeping service done through the use of computer processing power.[e] Miners keep the blockchain consistent, complete, and unalterable by repeatedly grouping newly broadcast transactions into a block, which is then broadcast to the network and verified by recipient nodes.[75] Each block contains a SHA-256 cryptographic hash of the previous block,[75] thus linking it to the previous block and giving the blockchain its name.[7]:ch. 7[75]
Network nodes can validate transactions, add them to their copy of the ledger, and then broadcast these ledger additions to other nodes. To achieve independent verification of the chain of ownership each network node stores its own copy of the blockchain.[76] About every 10 minutes, a new group of accepted transactions, called a block, is created, added to the blockchain, and quickly published to all nodes, without requiring central oversight. This allows bitcoin software to determine when a particular bitcoin was spent, which is needed to prevent double-spending. A conventional ledger records the transfers of actual bills or promissory notes that exist apart from it, but the blockchain is the only place that bitcoins can be said to exist in the form of unspent outputs of transactions.[7]:ch. 5
Ethereum was officially with an unusually long list of founders. Anthony Di Iorio wrote "Ethereum was founded by Vitalik Buterin, Myself, Charles Hoskinson, Mihai Alisie, & Amir Chetrit (the initial 5) in December 2013. Joseph Lubin, Gavin Wood, & Jeffrey Wilke were added in early 2014 as founders." Formal development of the Ethereum software project began in early 2014 through a Swiss company, Ethereum Switzerland GmbH (EthSuisse).[13][14] The basic idea of putting executable smart contracts in the blockchain needed to be specified before the software could be implemented; this work was done by Gavin Wood, then chief technology officer, in the Ethereum Yellow Paper that specified the Ethereum Virtual Machine.[15] Subsequently, a Swiss non-profit foundation, the Ethereum Foundation (Stiftung Ethereum), was created as well. Development was funded by an online public crowdsale during July–August 2014, with the participants buying the Ethereum value token (ether) with another digital currency, bitcoin.
^ Chan, Edwin. "China Plans to Ban Cryptocurrency Mining in Renewed Clampdown". www.bloomberg.com. Retrieved 10 April 2019. While China was once home to about 70 percent of Bitcoin mining and 90 percent of trades, authorities have waged a nearly two-year campaign to shrink the crypto industry amid concerns over speculative bubbles, fraud and wasteful energy consumption.
The price of bitcoins has gone through cycles of appreciation and depreciation referred to by some as bubbles and busts.[159] In 2011, the value of one bitcoin rapidly rose from about US$0.30 to US$32 before returning to US$2.[160] In the latter half of 2012 and during the 2012–13 Cypriot financial crisis, the bitcoin price began to rise,[161] reaching a high of US$266 on 10 April 2013, before crashing to around US$50. On 29 November 2013, the cost of one bitcoin rose to a peak of US$1,242.[162] In 2014, the price fell sharply, and as of April remained depressed at little more than half 2013 prices. As of August 2014 it was under US$600.[163] During their time as bitcoin developers, Gavin Andresen[164] and Mike Hearn[165] warned that bubbles may occur.
Every 2,016 blocks (approximately 14 days at roughly 10 min per block), the difficulty target is adjusted based on the network's recent performance, with the aim of keeping the average time between new blocks at ten minutes. In this way the system automatically adapts to the total amount of mining power on the network.[7]:ch. 8 Between 1 March 2014 and 1 March 2015, the average number of nonces miners had to try before creating a new block increased from 16.4 quintillion to 200.5 quintillion.[86]
Ethereum addresses are composed of the prefix "0x", a common identifier for hexadecimal, concatenated with the rightmost 20 bytes of the Keccak-256 hash (big endian) of the ECDSA public key (the curve used is the so called secp256k1, the same as Bitcoin). In hexadecimal, 2 digits represents a byte, meaning addresses contain 40 hexadecimal digits. An example of an Ethereum address is 0xb794F5eA0ba39494cE839613fffBA74279579268. Contract addresses are in the same format, however they are determined by sender and creation transaction nonce.[34] User accounts are indistinguishable from contract accounts given only an address for each and no blockchain data. Any valid Keccak-256 hash put into the described format is valid, even if it does not correspond to an account with a private key or a contract. This is unlike Bitcoin, which uses base58check to ensure that addresses are properly typed.
Properties of cryptocurrencies gave them popularity in applications such as a safe haven in banking crises and means of payment, which also led to the cryptocurrency use in controversial settings in the form of online black markets, such as Silk Road.[67] The original Silk Road was shut down in October 2013 and there have been two more versions in use since then. In the year following the initial shutdown of Silk Road, the number of prominent dark markets increased from four to twelve, while the amount of drug listings increased from 18,000 to 32,000.[67]
In 2016 a decentralized autonomous organization called The DAO, a set of smart contracts developed on the platform, raised a record US$150 million in a crowdsale to fund the project.[25] The DAO was exploited in June when US$50 million in ether were taken by an unknown hacker.[26][27] The event sparked a debate in the crypto-community about whether Ethereum should perform a contentious "hard fork" to reappropriate the affected funds.[28] As a result of the dispute, the network split in two. Ethereum (the subject of this article) continued on the forked blockchain, while Ethereum Classic continued on the original blockchain.[29] The hard fork created a rivalry between the two networks.
Bitcoin is pseudonymous, meaning that funds are not tied to real-world entities but rather bitcoin addresses. Owners of bitcoin addresses are not explicitly identified, but all transactions on the blockchain are public. In addition, transactions can be linked to individuals and companies through "idioms of use" (e.g., transactions that spend coins from multiple inputs indicate that the inputs may have a common owner) and corroborating public transaction data with known information on owners of certain addresses.[120] Additionally, bitcoin exchanges, where bitcoins are traded for traditional currencies, may be required by law to collect personal information.[121] To heighten financial privacy, a new bitcoin address can be generated for each transaction.[122]
J. P. Morgan Chase is developing JPM Coin on a permissioned-variant of Ethereum blockchain dubbed "Quorum".[53] It's designed to toe the line between private and public in the realm of shuffling derivatives and payments. The idea is to satisfy regulators who need seamless access to financial goings-on, while protecting the privacy of parties that don't wish to reveal their identities nor the details of their transactions to the general public.[54]
Cryptocurrencies are a potential tool to evade economic sanctions for example against Russia, Iran, or Venezuela. In April 2018, Russian and Iranian economic representatives met to discuss how to bypass the global SWIFT system through decentralized blockchain technology.[56] Russia also secretly supported Venezuela with the creation of the petro (El Petro), a national cryptocurrency initiated by the Maduro government to obtain valuable oil revenues by circumventing US sanctions.[57]
J. P. Morgan Chase is developing JPM Coin on a permissioned-variant of Ethereum blockchain dubbed "Quorum".[53] It's designed to toe the line between private and public in the realm of shuffling derivatives and payments. The idea is to satisfy regulators who need seamless access to financial goings-on, while protecting the privacy of parties that don't wish to reveal their identities nor the details of their transactions to the general public.[54]
According to PricewaterhouseCoopers, four of the 10 biggest proposed initial coin offerings have used Switzerland as a base, where they are frequently registered as non-profit foundations. The Swiss regulatory agency FINMA stated that it would take a "balanced approach" to ICO projects and would allow "legitimate innovators to navigate the regulatory landscape and so launch their projects in a way consistent with national laws protecting investors and the integrity of the financial system." In response to numerous requests by industry representatives, a legislative ICO working group began to issue legal guidelines in 2018, which are intended to remove uncertainty from cryptocurrency offerings and to establish sustainable business practices.[50]

In September 2015, the establishment of the peer-reviewed academic journal Ledger (ISSN 2379-5980) was announced. It covers studies of cryptocurrencies and related technologies, and is published by the University of Pittsburgh.[231] The journal encourages authors to digitally sign a file hash of submitted papers, which will then be timestamped into the bitcoin blockchain. Authors are also asked to include a personal bitcoin address in the first page of their papers.[232][233]
×