# An overview of security

At this point I would like to reiterate: Please don't panic if you do not understand something. Read it a few more times, fiddle around with the terms on the internet for a while, if you still don't get it, just move on, and know that you will understand it at a later point when the topic is referred to again with some other details.

In the previous article, we saw the fundamental structure of a block-chain that bitcoin uses as a ledger. But bitcoin refines this structure to implement a protocol which forces a delay on how fast new blocks can be added. This change has a very good impact on the security model. There is no need of any kind of trusted servers (nodes), instead all the events can be recorded by a set of untrusted nodes called "miners". Every miner keeps track of blocks, rather than the general users, and anyone can become a miner by solving computational puzzles to create new blocks. Bitcoin also is free of the signatures which we saw in the timestamping scheme. But why don't we need signatures? Because all verification is done only by hash pointers, which are solely responsible for the integrity of the complete data structure. The exact timestamp does not matter much in the bitcoin system; the only thing that is important is the relative ordering of the transactions.

In brief, bitcoin combines these two primary ideas:

• Using computational puzzles to regulate the creation of new currency units.
• Secure timestamping to record transactions in a ledger and prevent the double spend problem.

This has a very good and favorable outcome: imagine if instead of the miners, we had some trusted nodes that keep recording the transactions. In that case, if there is a discrepancy about a transaction between the trusted servers (one or more of the trusted nodes misbehave), there is no proper definite way to resolve it (although it is implicit to go with the majority). On the other hand, going with a bunch of miners, it is clearly observable that in order to misbehave successfully, an attacker (the malicious node) will have to solve computational puzzles faster than all the other nodes combined! This is precisely what we would have done in case of a conflict with the trusted nodes architecture, but look at this for a while, here we are actually quantifying the security of the model by saying that an attacker will need to have more than 50% computing power of the whole bitcoin network (to be able to solve puzzles faster than everyone else combined). But as we eliminated the concept of trusted nodes, anyone can become a miner, so essentially there are numerous such nodes (hash-rate distribution among pools). Hence it is extremely difficult for a single miner to own so much computing power, and this helps us because it is a very reliable security model and it helps us to use numbers to quantify this security.

Another thing to note is that since we keep getting better hardware at a much cheaper value for a fixed amount of computing power, bitcoin uses a mechanism (to be discussed later) to automatically adjust the difficulty and complexity of the computational puzzles. This is important as an absence of such a mechanism will lead to the bitcoins becoming worthless as it becomes too easy to generate (mine) new coins.

Now we are ready with all the foundation and we can jump into the cool stuff. The next section is about cryptography, which is an extremely important subject to understand in the view of bitcoin.