[Cryptography] How does bitcoin find if a transaction output has already been used.

jamesd at echeque.com
Wed Jan 23 19:56:53 EST 2019


On 23/01/2019 23:19, Mike Lisanke wrote:
> Finally, my question exactly, the question nobody in cryptocurrency 
> answers (satisfactorily) ... how does verification work? it's too damn big
> To be more complete... who the heck checks if the verifiers checked? 
> where's the procedure to assure it's correct? who verifies Contracts?
> who verifies ACLs for blockchain DBs? I've asked a bunch of 'experts' 
> who seemed (very -  and I never use this) put off by the question.

What verifies everything is consensus between miners.

The blockchain is a global consensus of transactions on the database, 
and there is a chain of hashes, a merkle dac, guaranteeing that everyone 
agrees on what transactions have been committed, and if all transactions 
are applied correctly, everyone should agree on the resulting database, 
the important and most heavily accessed part of the database being the 
set of unspent transaction outputs, UTXO.

At present a miner has to keep the entire set of unspent transactions in 
ram, which is a hard scaling limit on bitcoin.

But as things scale, database failure becomes more common, resulting in 
consensus failure.  Peers may be operating off different databases, and 
not know that is why they are having trouble agreeing.

You need early detection of discrepancies between the many peer 
databases that represent the result of going through all the 
transactions and applying them to the database.

Because of the likelihood of database failure, which becomes common as 
databases get to a terabyte or so, you need a chain of hashes 
representing not only the transactions committed to the database, but 
also the current state of the entire database, or the current state of 
the list of unspent transaction outputs.

For crypto currency to take over the world, need a mechanism for 
managing the list of unspent transaction outputs where those generating 
consensus do not need the entire unspent transaction output list in 
memory, and where we have efficient means for detecting and resolving 
disagreements in the current state of the database on top of efficient 
means for ensuring one unchanging append only blockchain of committed 
transactions.
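
An added sketch of the idea in the message above (not code from the original post, and not Bitcoin's actual data format): each peer chains a hash of its UTXO set after every transaction, so a damaged database shows up at the first commitment that differs. `Peer`, `state_root` and `first_divergence` are hypothetical names; signature and amount checks are omitted.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def merkle_root(leaves):
    """Merkle root over leaf hashes; an unpaired node is carried up unchanged."""
    if not leaves:
        return h(b"empty")
    level = list(leaves)
    while len(level) > 1:
        nxt = [h(b"\x01", level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]

class Peer:
    def __init__(self):
        self.utxo = {}                   # (txid, output index) -> amount
        self.commits = [h(b"genesis")]   # one state commitment per applied transaction

    def state_root(self):
        # Leaves are sorted so every peer with the same set derives the same root.
        # Constructed encoding: assumes txids contain no ':'.
        items = sorted(self.utxo.items())
        return merkle_root([h(b"\x00", f"{t}:{n}:{a}".encode()) for (t, n), a in items])

    def apply(self, txid, inputs, amounts):
        # An output can be spent only while it is still in the UTXO set.
        if len(set(inputs)) != len(inputs) or any(i not in self.utxo for i in inputs):
            raise ValueError(f"{txid}: input missing or already spent")
        for i in inputs:
            del self.utxo[i]
        for n, a in enumerate(amounts):
            self.utxo[(txid, n)] = a
        # Commit to the previous commitment, the transaction, and the resulting state.
        self.commits.append(h(self.commits[-1], txid.encode(), self.state_root()))

def first_divergence(a, b):
    """Index of the first commitment on which two peers disagree, or None."""
    for i, (x, y) in enumerate(zip(a.commits, b.commits)):
        if x != y:
            return i
    return None
```

Two peers that apply the same transactions agree on every commitment; if one silently loses a UTXO entry, the commitment for the next transaction it applies differs, even though both saw the same transaction log.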

