Why downloading the whole block chain

[porcupine87]

Hey guys,

So now I tried the enter to bitcoin again. It took me maybe 15hours to download the whole block chain(and my internet connection is not really slow). I don't know exactly, because I had to pause it several times, because it was so cpu-intensive, that other programms didn't run appropriate. I'm nach really fascinated by bitcoins and I want to invite friends and you know, make experiments. How fast is the sending really and such a stuff. But now I don't dare to ask: "hey, just download it and then wait 10 to 20 hours".

My question now is, why is it required to download the whole chain. What are the disadvanteges of so called light version clients that you for example use on smartphones? What exactly did I download? All 252 000 blocks with all transactions in it with all adresses and signatures?

Technically, why wouldn't it be secure enough to just - let's say - save 1000 blocks? One transaction is considered to be valid after 6 following blocks (confirmations). So when a new block is created, the first block can be deleted. Ok, now where I am thinking: We need to save all adresses with a positive balance, right? And as input of a transaction we need the last output. So we need to save every adress with a positive balance with the last transaction, in which the adress served as output.

Can somebody clear up that subject for me. I would be very happy

Greetings from Bavaria

[deepceleron]

Blocks are created in consecutive order about every 10 minutes. The first blocks you start downloading are from 2009.

If someone sent you a payment now, your Bitcoin client will only recognize the payment to you when the final block containing it is downloaded - your client will have no way to send money without downloading the whole blockchain up to the block that contains your payment.

In addition, you can't trust a payment if Bitcoin can't see where the sender received money from. The lineage of every Bitcoin amount that has been transferred can be traced back to the block in which it was created. You must have the history to fully verify a payment is authentic.

Lite clients store most of the blockchain on another computer, you only request block information when it is needed. Your client doesn't have the information needed to become a full node and support the Bitcoin network.

Web wallets require you trust someone else's services with your Bitcoins, or for sites like blockchain.info that can't spend your address balances, you must at least trust the service won't disappear.

[Sukrim]

Technically, why wouldn't it be secure enough to just - let's say - save 1000 blocks? One transaction is considered to be valid after 6 following blocks (confirmations). So when a new block is created, the first block can be deleted. Ok, now where I am thinking: We need to save all adresses with a positive balance, right? And as input of a transaction we need the last output. So we need to save every adress with a positive balance with the last transaction, in which the adress served as output.

Actually something kinda similar to this idea is also in discussion on this board for more than half a year now - called "ultimate blockchain compression" or "ultraprune". With this, one would create a set of all unspent outputs so far and a way to verify that this set is actually really the correct one for a certain block height.

One then only would need the chain headers (a handful MB), the set of unspent transaction outputs (currently ~170 MB afaik) and all full blocks since the last set was created to update this set to the most current state. Once a new set gets released, you verify its integrity and after a few blocks discard the old set and the content of the blocks leading up to the new set.

Currently this however has not been finalized and will probably for quite some time be just an extension (and to have a way to verify these sets, one also needs miners who put checksums of these sets into blocks), not part of the official client I guess.

[porcupine87]

Thank you for all replies and I forgot to say: My intention was not "Oh, you are to stupid, and I got the solution in just a few hours", but rather "I'm still to stupid to get it".

@deepceleron

It is clear to me, that my client always have to update to receive new bitcoins from transactions. That is a problem, too, if you just not frequently use bitcoins. One month of blocks is not downloaded in a second. The main problem is to download all the first time after you installed the client.
So you can trace back ever bitcoin to the coinbase transaction, but for what? Some competing nodes or firms can offer that information, but not every node has the intention to do that. That is/was my problem.

But I get the idea of lite clients. So can I imagine the analogy, that there will be some banks, whom I trust and they will store and update the block chain, so a user don't have to do that. The bank would be some kind of client software and the client humans of the bank would be the user of the client software? Hm, that would be a good solution! Maybe not exactly matching with the bitcoin ideology, anyway. Thanks for the input


@Sukrim

One then only would need the chain headers (a handful MB), the set of unspent transaction outputs (currently ~170 MB afaik) and all full blocks since the last set was created to update this set to the most current state. Once a new set gets released, you verify its integrity and after a few blocks discard the old set and the content of the blocks leading up to the new set.

Hm what "set of full blocks" do you mean there? Just maybe the last 1000 full blocks. And if a client gets started and there are 300 new blocks, the old 300 get discarded and the new 300 gets downloard?

And can you tell me something about the enforcing. Who finanlizes? Is it just a matter of the developers of the competing client softwares? So for example I could come up with my own software that will do the things, like you (and others) suggested?

[Syke]

So now I tried the enter to bitcoin again. It took me maybe 15hours to download the whole block chain(and my internet connection is not really slow).

There are lots of changes coming that will speed up that process. I just installed a new version on my phone and downloaded the whole blockchain in 1 hr. And it will still get faster as more optimizations are finished.

[Mike Hearn]

What you're asking for is called SPV validation and already exists. Use MultiBit or the Android "Bitcoin Wallet" app and you have that mode,

[Sukrim]

@Sukrim

One then only would need the chain headers (a handful MB), the set of unspent transaction outputs (currently ~170 MB afaik) and all full blocks since the last set was created to update this set to the most current state. Once a new set gets released, you verify its integrity and after a few blocks discard the old set and the content of the blocks leading up to the new set.

Hm what "set of full blocks" do you mean there? Just maybe the last 1000 full blocks. And if a client gets started and there are 300 new blocks, the old 300 get discarded and the new 300 gets downloard?

And can you tell me something about the enforcing. Who finanlizes? Is it just a matter of the developers of the competing client softwares? So for example I could come up with my own software that will do the things, like you (and others) suggested?

With "set" I mean a data structure that contains all unspent outputs at a certain block height (e.g. 250000). Every full block after this one (250001, 250002...) contains new transactions that use these unspent outputs as inputs and create new ones.

Once you have a trustworthy chain of headers (a few MB), you can verify that the latest blocks are also valid ones (correct difficulty). To verify all block contents and transactions, you also need the block "body" and all current unspent transaction outputs. If you only see a valid header this does not mean that every transaction contained in the block is ok. If you have a "light" (SPV) client, it will only look at the headers and request from nodes who store all the blocks information also some data about addresses you're interested in.

You cannot discard blocks at will, if you want to be able to verify transactions on the network if you haven't got a set of all unspent outputs at a certain block.

Having a header chain, a set of unconfirmed transactions and full blocks since that set means you can verify any transaction on the net and also mine - but you cannot see any transactions in the past any more. This would be somehow a middle state between a "full" or "archive" node (which stores all full blocks) and a "lite" node (which only stores headers and requests verifiable data via bloom filters from nodes who store all transactions).

[behindtext]

My question now is, why is it required to download the whole chain. What are the disadvanteges of so called light version clients that you for example use on smartphones? What exactly did I download? All 252 000 blocks with all transactions in it with all adresses and signatures?

Technically, why wouldn't it be secure enough to just - let's say - save 1000 blocks? One transaction is considered to be valid after 6 following blocks (confirmations). So when a new block is created, the first block can be deleted. Ok, now where I am thinking: We need to save all adresses with a positive balance, right? And as input of a transaction we need the last output. So we need to save every adress with a positive balance with the last transaction, in which the adress served as output.

i see that others have answered this already, but it is useful to consider this from the perspective of height (H) vs depth (D) of a tx

https://en.bitcoin.it/wiki/Thin_Client_Security

it is similar to the idea of height and depth (of an ideal) from ring theory. in order to determine a tx is legitimate with close to 100% certainty, you check the height and you need the entire tx history since you need to see where the coins in question came from. a less certain way to check that a tx is valid is to wait for D proof-of-works to complete that include the tx in their blocks.

[porcupine87]

Thanks for the competent answers!! Sorry, I have so many questions. I read stuff here and there but it don't wants to settle down in my brain completly...

So let me get this straight: The issue is to find out whether a transaction is valide or not. And to find out the likelihood of the transaction being invalidated due to the emergence of a longer fork.

I make an example: Alice wants to send to Bob 10 BTC. So there will be created an transaction which has at least one input and one output.
Input: the address of Alice, the signature (shows, that the legitimate owner of the address uses this address) and an output transaction (the transaction, in which Alice's address was the output address. For the sake of simplicity let's say this where also 10BTC).
Output: the address of Bob, the value and a part of the script.

So, what comes next? Who does validate what? My guess would be, that miners anyway test if everything is ok with that transaction. But does also Bob's client? Ok, if Bob has a thick client, he capable to trace back the 10 BTC. But why should he do this? Why would it not be sufficient just to wait(for confirmations) and let the miners do that work?

And a thin client relys on a random node (or more than one) in the network which he can reach, right? Why does he need to store the headers of the whole block chain?

It would help, thank you!