Bitcoin Forum
  Show Posts
1  Other / Beginners & Help / Re: Read the whitepaper, still have dumb questions about private keys and sigs. on: December 11, 2013, 09:00:05 PM
Appreciate the replies, still don't quite get it.  I read that article a few days ago, even commented on it asking a similar question.

I understand the private key is used to generate a sig, but then you send your sig to a node.  People can't guess the key from the sig, but if they have the sig and the public address, why can't they spend more coins from that address using the same sig?

I always assumed there's some reason you can't reverse engineer a private key using the sig and address, but given that you know what math was used to generate it, and presumably can do that math backwards, why it can't be reverse engineered is where I get lost.  I'm sure it has something to do with like SHA 256 or something.  But I would think people know what math and process these encryption protocols use, and could work backwards from a sig.

A thought occurred to me: maybe any given sig/public key combo could only be worked backwards to a lot of possible private keys due to random numbers.  That makes some sense if I'm right.
2  Other / Beginners & Help / Read the whitepaper, still have dumb questions about private keys and sigs. on: December 11, 2013, 07:11:18 PM
I've wrapped my head around most of how it works, but a couple of things I still don't quite get.  Ignore if you would be irritated in entertaining my questions.  Otherwise go for it.

The whitepaper glazes over some things that I guess you have to read up on crypto and signatures and hashing, and I'm sorry to say, I would like more direct info than trying to read detailed information about these topics.

So someone who wants to own Bitcoin gets an address and a private key.  What generates these, and how are they transmitted?  Are they generated on the user's own computer using the client after they've downloaded the blockchain?  Do you need to have a bitcoin in an address for it to exist or can it be created empty? 

If the software can create an address and private key, what stops someone from modifying the software to create address/key pairs that don't yet exist, but not add them to the blockchain, so that when one of the addresses is actually created via transaction, they will already have the private key to go with it?  Is the key randomly chosen first, then address generated from that, or the reverse, or neither?

Signature questions.

So you send your sig with your address to other nodes when sending bitcoins.  Assuming address still has bitcoins on it after the transaction, what prevents using the same signature to spend more coins from that address?  Does the private key change, does the sig generator use more than just address/key to generate sig?  If so what? 

Thanks.
3  Bitcoin / Mining / Re: Is it even worth it? on: November 19, 2013, 05:23:27 AM

That's an awesome resource, but I'm willing to accept some blurred lines in order to simplify the query greatly.  Such levels of specificity would be alright if deciding whether to mine at 550 vs 575 dollar exchange rate, but probably not necessary if you expect current volatility to continue, if not accelerate.

Of course if one expects such a thing, they should maybe just buy a coin anyways.  I'm not really interested in mining as I feel price is always going to keep the pool crowded, but I am interested in the price action and analyzing it technically and fundamentally.  For that I need more of a feel of the average cost of miners than one specific mining rig.
4  Bitcoin / Mining / Re: Is it even worth it? on: November 19, 2013, 05:13:06 AM
I see a lot of people telling others, especially newbies, that it's not worth it to even try, and they have a vested interest in shooing away people.

I'm going to give them the benefit of the doubt.

Here's what I'd like to know, is there a fairly simple calculation involving difficulty and price that can give a dynamic answer to whether it's 'worth it' (meaning if you spend an average amount per GH including power requirements)?

I would think those two numbers the most important, and we are at 800 dollars a bitcoin right now, which makes me think it's got to be worth it while at that price, until a certain difficulty.
5  Other / CPU/GPU Bitcoin mining hardware / Re: Disregarding energy costs and heat production, cheapest way to mine bitcoin? on: November 19, 2013, 01:29:10 AM
"Here is what you are looking for but as mentioned ASICs for SHA256 and GPUs for scrypt.

https://en.bitcoin.it/wiki/Mining_hardware_comparison"

Thanks, very interesting.
6  Other / CPU/GPU Bitcoin mining hardware / Disregarding energy costs and heat production, cheapest way to mine bitcoin? on: November 18, 2013, 10:06:17 PM
Is it still ASICs?  Or is there any scenario where investing in older vid cards for very very cheap could produce faster results per $ invested?  Is there a chart anywhere that shows the GH capability of various vid cards?
7  Other / Beginners & Help / Re: Blockchain weaknesses, how does bitcoin solve/protect against it ? on: November 18, 2013, 07:26:47 AM
Thanks for the replies, this helps me a lot.  It's clear I don't understand enough, but I disagree about whether or not I should be asking questions.  Until a whitepaper was mentioned here, I had no idea such a thing existed.  Had I not asked, I still wouldn't.

"You might as well be saying, "I have no idea how an internal combustion engine works, and I don't really want to bother learning about it.  Can someone just tell me why putting gasoline into the tank of my car makes it so the wheels can turn when I press the accelerator?""

Eh, you could tell them how a combustion engine works (to my brain it's simpler than bitcoin).   Anyone interested in bitcoin expansion is going to deal with people far less knowledgeable than I, and people in general aren't going to take a programming class to understand how their currency works.  Inconvenient, I realize.  A quicker, easier method of explaining to the uninitiated why their money is safer than their Playstation Network personal information is likely going to be vital at some point.  Right now, seemingly impossible.

I thank you guys again, lots of good responses to questions coming from a less knowledgeable base.
8  Other / Beginners & Help / Re: Blockchain weaknesses, how does bitcoin solve/protect against it ? on: November 18, 2013, 04:56:26 AM
Sadly I don't really have any answers yet.  Just more of "it verifies against other copies".  Not that I don't appreciate it, and maybe I'm just too dense for this.  But let me give it another try.

"When a person sends bitcoin as a form of payment, the transaction is sent to each peer that they are connected to. Each of those peers validates the transaction before relaying it to each peer that they are connected to.  Each of those peers validates the transaction before relaying it to each peer that they are connected to, and so on, and so on until almost every node on the network is aware of the transaction."

How many peers are we talking about?  If one peer reports the transaction is invalid, but 4 say it's valid, what then?  Is it majority decision, or does it have to be 100%?

"Each node verifies that the appropriate signatures have been provided and compares the transaction to the history of transactions that they already know about to make sure that the funds being spent are previously unspent.  If the receiver is running a full node (such as Bitcoin-Qt), then their software does the same when it hears about the transaction from any of the peers that it is connected to."

Is the signature something different from the public key, private key, address?

"You would have to alter the blockchain on every node on the entire network. Otherwise, it would become quickly obvious that your copy of the blockchain didn't match your peers. All you'd have to do then is regenerate your blockchain and any invalid transactions would become immediately identifiable since the hash wouldn't match."

This is important.  Yes, it's given that your copy would not match peers.  But not just yours, many others, all not matching each other.  I'm assuming that if malware had compromised a node or miner, that it would no longer be capable of detecting bad hashes.  It would tell you that yours is fine.  Uncompromised nodes wouldn't agree, but what then?  Retailers might still be connected to compromised nodes that could tell them whatever the malware wanted, right?

Or even worse, if the node software on the payment gateway were compromised, it might not even really reach out to other nodes, and just approve all fake transactions.  It might not directly compromise the blockchain for the overall system, but that gateway would be hosed financially.

Now about the hash.  Why can't that be faked by malware?  And further, is there private info (like the private key for example) that is sent to the payment gateway that's used to generate a hash, but then isn't actually stored in the block?  If so, is that private key sent to all the nodes like the transaction to verify that the hash is correct, or can it verify that without needing the key?  This might be too tedious to answer, I'll understand.

You said no central server.  I had read that bitcoin can change the way the blockchain is stored.  How would that be possible without some central server to refer to for instruction?  I seriously google every way I can "where do bitcoins come from" and read everything and I still don't get a clear answer, I assume because most media that write about it also don't understand what they are writing.  I don't get how new ones are generated, or if that involves some central resource or verification.

"Each node compares against its own copy."

I don't know what UTXO is.  Each node compares against its own copy, and then what?  Does it trust its own copy more than what other nodes tell it in case of a conflict, or what?  I feel like I'm going to keep getting the same answer about hashes and verification and this ability to use these things to know whether or not a transaction is valid... when I don't understand how such a thing is possible... Maybe not impossible, but how it's infallible is what confuses me.  At one point in time, CC takers could use math to tell whether or not a credit card number was a POSSIBLE real one.  But the only way to know that it was a real one that belonged to Teri A Kan was to check a database that spelled that out for them.  I find any verification less than this hard to grasp.

I have not read the whitepaper.

"If malware was created that could simultaneously alter every copy of the blockchain in existence in exactly the same way, I suppose it would be possible to destroy some information from the blockchain.  However, there are people who keep copies of the blockchain offline.  There are copies on multiple operating systems, both on and offline all over the world.  It would be exceedingly difficult to damage them all in an identical way simultaneously."

True, and you can't blame the system if a payment gateway infected with malware results in massive fraud, as the same can happen with banks and credit cards... with one huge exception, that bitcoin fraud victims have absolutely no recourse (assuming the gateway has protected itself through geographic locations or user agreements or both).  But once again this ability to just take the one true copy of the blockchain to fix all the incorrect ones via verification that is infallible seems to be at the heart of my confusion.

"In order to create blocks that "match and confirm each other", the attacker would have to generate an appropriate proof-of-work.  Since each block includes the hash of the block before, it would be necessary to complete more proof-of-work than the entire honest network.  This is often known as a 51% attack (since it requires the attacker to have more than 50% of the entire network's hashing power to reliably accomplish it for an extended period of time).  In this case, the blocks broadcast by the attacker are considered valid (as long as they only include valid transactions that spend unspent transaction outputs and have appropriate signatures)."

This is way above me.  Uncompromised nodes would know what's wrong, but how would people know what's compromised and what's not if they don't know which nodes are compromised by hidden attacks?  And also, what if just one node another node is connected to reports back that 99999999999999 other nodes agree with it (it lies), so that it outweighs the report back from all the nodes it's connected to that are actually checking with the rest of the network?

"And when a significant % of nodes get compromised, and payment processors are trying to do business during such a situation, which nodes are going to be providing them with verification of funds etc?

I don't understand the question."

See if I can clarify.  The payment gateway communicates with several other nodes to verify right?  If X number come back saying one thing and X come back saying something else, how does that gateway know which to believe?

Thanks.
9  Other / Beginners & Help / Re: Blockchain weaknesses, how does bitcoin solve/protect against it ? on: November 18, 2013, 02:47:35 AM
"If an attacker modifies a block that block now needs to be "signed" w/ a hash."

Simple question, why?

Is there some entity or centralized verifier somewhere that holds the key or algorithm to knowing when a transaction entry/hash is valid/invalid?  If the problem was simpler, conflicts between chains that could not be resolved, or massive deletions of transactions from the chain, is there a reference point somewhere that says "ok I'm the big guy in charge, copy from me to restore order". Break it down for me.

"Every transaction and every block is verified by every full node on the entire peer-to-peer network.

If a transaction isn't valid, then none of the nodes will relay it and miners won't try to add it to the blocks they are mining.
If a block isn't valid, then none of the nodes will add it to their blockchain or relay it.

By adding a proof-of-work to this system, the entire network is able to reach a consensus on the ordering of transactions and blocks without a centralized entity to verify or timestamp anything."

I've read this vague answer a few times, so it just isn't entirely clear how that would prevent anything.  I've read the proof of work page on the wiki, it doesn't shed any light on it.  You have this network of nodes that store a file or filesystem of data called the block chain, if I've gotten anything wrong so far, then I must really need a dummy explanation.

When people accept a bitcoin as a form of payment, where does their validation query go to ensure the address has that fund, and then where do they send the transfer info so that it then gets added to the block chain?  No central server or main node?  Then where?

Whatever the answer is, how does anyone know if something has been altered on the block chain via node-side malware?  With every transaction is it checked against others' copies?  If so how many?  How does it decide what to verify it against?  Which copies take precedence when two block chains are different?

Hopefully I actually sound really stupid and someone can point out where I can read a better understanding of how it all works.  It doesn't have to get that technical, if it's secure it can be made understandable on a conceptual level.   Let me come back to one thing:

"Every transaction and every block is verified by every full node on the entire peer-to-peer network."

My understanding was that every miner has a full copy.  My question is how every transaction and block is verified, if the ones doing the verifying are the ones under attack by theoretical malware (or possibly transaction spoofing where an exploit in the software is found), then how can you trust their verification?  A compromised computer could tell you that 3+4=17 if so ordered to.  And if there are compromised nodes with altered data (but not randomly altered, all compromised blocks match and confirm each other), then how is such a scenario resolved?

And when a significant % of nodes get compromised, and payment processors are trying to do business during such a situation, which nodes are going to be providing them with verification of funds etc?
10  Other / Beginners & Help / Re: Blockchain weaknesses, how does bitcoin solve/protect against it ? on: November 17, 2013, 05:48:16 PM
"Addition to my previous posting: By the way this means there is another potential way/attack to bitcoin:

A trojan/virus/malware/worm could start to alter the data which is on everybody's drive and starts to create its own fake chain as an attempt to change the truth.

If the trojan/virus/malware/worm manages to infect enough systems, for example the 51%, then history could be altered?!?"

"Still can't get around the proof of work requirement.

If an attacker modifies a block that block now needs to be "signed" w/ a hash.  Finding that hash would require attempting quadrillions of hashes (just like when the block was originally signed).  This is what we are doing when we "mine" for coins.

Simplistic outline of mining:
1) Take all transactions that will be in the block.
2) Make a coinbase transaction which awards the block reward + any transaction fees to the miner's address.
3) Create a merkle tree of all transactions in the block.
4) Take the version, merkle root, time, prior block hash, target, and nonce (value from 0 to 2^32 - 1).  This forms the block header.
5) Double hash the block header.  Check if the hash is smaller than the target.  If so then submit to the network.
5a) If the double hash is not smaller than the target, discard, increment the nonce and go to step 5.
5b) If the nonce is the max nonce then modify the coinbase (creating a different merkle tree), reset the nonce to 0 and go to step 5.

So for a malware to rewrite existing blocks would require not just 51% of hashing power but 51% of hashing power PLUS more hashing power to retroactively rewrite older blocks."



Firstly, sorry for necro'ing.  I'm going to write an article about bitcoins as they have become interesting to people in the investing world.  However, as more of a computer guy than most traders, I came here out of concerns about the integrity of the transaction system used by bitcoin.  In particular, this quote above leaves me with more questions than answers, so I thought maybe I could ask for some more info.

"Still can't get around the proof of work requirement.

If an attacker modifies a block that block now needs to be "signed" w/ a hash."

Simple question, why?  You've got these blockchains duplicated in computers all over the place, and no one who's checking for valid transactions (like retailers I mean) will know whether it's been signed with a hash, so if every blockchain gets modified in the same way by some sort of virus that utilizes some sort of software vulnerability and thereby was able to spread to every node in the network, how would an end user know what's valid or not?

Is there some entity or centralized verifier somewhere that holds the key or algorithm to knowing when a transaction entry/hash is valid/invalid?  If the problem was simpler, conflicts between chains that could not be resolved, or massive deletions of transactions from the chain, is there a reference point somewhere that says "ok I'm the big guy in charge, copy from me to restore order".  Break it down for me.

Thanks.
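To make the quoted mining outline concrete, here is an added toy implementation in Python (not from this thread): it builds the coinbase and merkle root, packs the 80-byte header, double-hashes it against a target, walks the nonce and falls back to changing the coinbase when the nonce space is exhausted, and finally shows that swapping one transaction in a mined block (the "malware rewrites a block" question) leaves the same nonce failing the target. The transactions, the prior block hash and the target are constructed; the target is far easier than Bitcoin's real one (which is encoded in the bits field) so the loop finishes in about a second.

```python
import hashlib
import struct

def sha256d(data: bytes) -> bytes:
    """Bitcoin's hash: SHA-256 applied twice (the 'double hash' of the outline)."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(txids):
    """Fold transaction hashes pairwise to one root; an odd last hash is duplicated."""
    layer = list(txids)
    while len(layer) > 1:
        if len(layer) % 2:
            layer.append(layer[-1])
        layer = [sha256d(layer[i] + layer[i + 1]) for i in range(0, len(layer), 2)]
    return layer[0]

def build_root(txs, extra_nonce):
    """Coinbase first (it carries the extra nonce), then the merkle tree over all txs."""
    coinbase = b"constructed coinbase: reward to miner " + extra_nonce.to_bytes(4, "little")
    return merkle_root([sha256d(coinbase)] + [sha256d(t) for t in txs])

def block_header(version, prev_hash, root, timestamp, bits, nonce):
    """The 80-byte header: version, prior block hash, merkle root, time, bits, nonce."""
    return (struct.pack("<I", version) + prev_hash + root
            + struct.pack("<III", timestamp, bits, nonce))

def header_meets_target(header, target):
    """The header hash is read as a little-endian integer and must be below the target."""
    return int.from_bytes(sha256d(header), "little") < target

TOY_TARGET = 1 << 240       # constructed: about 1 hash in 65536 qualifies
PREV_HASH = b"\x00" * 32    # constructed stand-in for the prior block's hash
TIMESTAMP, BITS = 1384760000, 0x1d00ffff  # constructed time; bits as in Bitcoin's genesis block

def mine(txs, prev_hash, target, max_nonce=2**32):
    """Returns (extra_nonce, nonce, header) once the double hash is below the target."""
    extra_nonce = 0
    while True:
        root = build_root(txs, extra_nonce)
        for nonce in range(max_nonce):
            header = block_header(1, prev_hash, root, TIMESTAMP, BITS, nonce)
            if header_meets_target(header, target):
                return extra_nonce, nonce, header
        extra_nonce += 1  # nonce exhausted: change the coinbase, i.e. a new merkle root

def tamper_check(txs, altered_txs, prev_hash=PREV_HASH, target=TOY_TARGET):
    """Mine, then replace a transaction but keep the found nonce.
    Returns (original_meets_target, altered_meets_target)."""
    extra_nonce, nonce, header = mine(txs, prev_hash, target)
    altered_root = build_root(altered_txs, extra_nonce)
    altered = block_header(1, prev_hash, altered_root, TIMESTAMP, BITS, nonce)
    return header_meets_target(header, target), header_meets_target(altered, target)

if __name__ == "__main__":
    txs = [b"constructed tx: alice pays bob 1", b"constructed tx: carol pays dave 2"]
    print(tamper_check(txs, [b"constructed tx: alice pays mallory 1", txs[1]]))  # (True, False)
```

The altered block would need its own fresh search for a nonce, and every later block chains to this header's hash, which is why rewriting history costs more work the further back the change is.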