This post is the second part of the body of the Bitcoin whitepaper: Transactions. (A translation follows the text.)
Transactions
We define an electronic coin as a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership.
The problem of course is the payee can't verify that one of the owners did not double-spend the coin. A common solution is to introduce a trusted central authority, or mint, that checks every transaction for double spending. After each transaction, the coin must be returned to the mint to issue a new coin, and only coins issued directly from the mint are trusted not to be double-spent. The problem with this solution is that the fate of the entire money system depends on the company running the mint, with every transaction having to go through them, just like a bank.
We need a way for the payee to know that the previous owners did not sign any earlier transactions. For our purposes, the earliest transaction is the one that counts, so we don't care about later attempts to double-spend. The only way to confirm the absence of a transaction is to be aware of all transactions. In the mint based model, the mint was aware of all transactions and decided which arrived first. To accomplish this without a trusted party, transactions must be publicly announced [1], and we need a system for participants to agree on a single history of the order in which they were received. The payee needs proof that at the time of each transaction, the majority of nodes agreed it was the first received.
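Transactions
We define an electronic coin as a chain of digital signatures. Each owner of the coin sends it to the next owner in the following way:
Each owner digitally signs a hash of the previous transaction and the public key of the next owner
The signature is added to the end of the coin
The payee can verify the signatures to verify the chain of ownership.
The problem with this process is that the payee cannot verify that one of the owners did not double-spend the coin. The usual solution is to introduce a trusted central authority, or mint, that checks every transaction for double spending. After each transaction, the coin must be returned to the mint to issue a new version, and only coins issued directly from the mint can be considered not double-spent. The problem with this solution is that the fate of the entire money system depends on how the company running the mint operates, and every transaction has to go through the mint, just like a bank.
We need a way for the payee to be sure that the previous owners did not sign any earlier transactions. For our purposes, what we care about is the transactions that occurred before this one, not whether later transactions will double-spend. The only way to be sure that a transaction does not exist is to know about all previous transactions. In the mint-based model, the mint knows about all transactions and decides their order. To accomplish this without a trusted third party, all transactions must be announced publicly, and we need a system in which all participants agree on a single history of the order in which transactions were received. The payee needs proof that, at the time of each transaction, the majority of nodes agreed it was the first to appear.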
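The chain of signatures and the double-spend gap described above, as an added Go example that is not part of the original post or the whitepaper. Ed25519 and SHA-256 from Go's standard library, the inclusion of the signature in each link's hash, and the names Transfer, Pay, VerifyChain and Demo are assumptions of this example; the text names no specific algorithms.

```go
package main
import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Transfer is one link of the coin: the previous owner signs PrevHash || Next.
type Transfer struct {
	PrevHash [32]byte          // hash of the previous transfer (zero for the first)
	Next     ed25519.PublicKey // public key of the new owner
	Sig      []byte            // signature by the previous owner
}
func (t Transfer) Hash() [32]byte {
	return sha256.Sum256(append(append(t.PrevHash[:], t.Next...), t.Sig...))
}

// Pay appends a transfer to next, signed by priv, and returns the new chain.
func Pay(coin []Transfer, priv ed25519.PrivateKey, next ed25519.PublicKey) []Transfer {
	var prev [32]byte
	if len(coin) > 0 {
		prev = coin[len(coin)-1].Hash()
	}
	return append(append([]Transfer{}, coin...), Transfer{prev, next, ed25519.Sign(priv, append(prev[:], next...))})
}

// VerifyChain is the payee's check: each link is signed by the owner named in the link before it.
func VerifyChain(issuer ed25519.PublicKey, coin []Transfer) bool {
	owner, prev := issuer, [32]byte{}
	for _, t := range coin {
		if t.PrevHash != prev || !ed25519.Verify(owner, append(prev[:], t.Next...), t.Sig) {
			return false
		}
		owner, prev = t.Next, t.Hash()
	}
	return len(coin) > 0
}

// Demo: issuer Alice pays Bob; Bob then signs two conflicting transfers of the same coin.
func Demo() (toCarol, toDave, forged bool) {
	alicePub, alice, _ := ed25519.GenerateKey(nil)
	bobPub, bob, _ := ed25519.GenerateKey(nil)
	carolPub, _, _ := ed25519.GenerateKey(nil)
	davePub, dave, _ := ed25519.GenerateKey(nil)
	coin := Pay(nil, alice, bobPub)
	a, b := Pay(coin, bob, carolPub), Pay(coin, bob, davePub) // the same coin spent twice
	f := Pay(coin, dave, davePub)                             // signer never owned the coin
	return VerifyChain(alicePub, a), VerifyChain(alicePub, b), VerifyChain(alicePub, f)
}
func main() { fmt.Println(Demo()) }
```

Both of Bob's chains pass VerifyChain, so the signatures alone prove ownership but not that the coin was spent only once; only the transfer signed by a non-owner is rejected.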
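Public key
Public-key cryptography is a kind of cryptographic algorithm that requires two keys, a public key and a private key; when one is used for encryption, the other is used for decryption.
Double-spending
Double-spending: if the same money (digital currency) is paid out twice, that is the double-spending problem, and solving it is the digital-currency equivalent of anti-counterfeiting technology. This problem does not exist in the world of physical money, because you cannot copy gold. With paper money, because notes are issued by a mint and designed with sophisticated anti-counterfeiting features, anyone who produces counterfeit notes can be stopped through the law.
Hash
A hash maps data of arbitrary length onto a domain of finite length. Intuitively, a piece of data m is scrambled to produce another piece of data h of fixed length, which serves as the characteristic (fingerprint) of that data. In other words, however large the data block m is, its output value h has a fixed length.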