Section II: Bitcoin Technical Architecture

Understanding Bitcoin's core concepts (mining, consensus, and monetary policy) provides the foundation. But to truly grasp how Bitcoin works, we need to examine the technical architecture that makes these concepts operational: how ownership is represented, how transactions are structured, and how the system maintains privacy and security at the protocol level.

UTXO Model

Bitcoin tracks ownership differently than traditional banks through its Unspent Transaction Output (UTXO) model. The best way to understand this is through a cash analogy.

Imagine physical cash in your wallet: not a single account balance, but individual bills of different denominations like a $20, two $5s, and some $1s. When you buy something for $7, you hand over a $5 and two $1s, getting change back if needed. You can't split a single bill, you use the denominations you have and receive new ones in return.

Bitcoin operates on the same principle. Your wallet holds a collection of UTXOs, individual digital "coins" of varying amounts. When you send bitcoin, your wallet selects which UTXOs to spend (a process called coin selection that involves privacy and fee tradeoffs), consumes them entirely, and creates new UTXOs: one for the recipient and one as "change" back to you. This design elegantly prevents double-spending because once a UTXO appears in a confirmed transaction, it's permanently removed from the spendable set and cannot be used again.

Every full node independently maintains its own view of this global UTXO set, the complete collection of all spendable outputs, by validating the entire blockchain. Ownership of these UTXOs is controlled by private keys, extremely large random numbers (roughly between 1 and 2²⁵⁶, about 10⁷⁷ possibilities) that function as the cryptographic secret proving control over funds. Your wallet generates these from high-quality randomness, similar to flipping a fair coin 256 times and treating the sequence of heads and tails as a 256-bit number. The private key is the core secret in Bitcoin: it lets your wallet produce digital signatures that satisfy the spending rules on your UTXOs.

Put simply: you “own” bitcoin if you control the private keys needed to spend specific UTXOs. If you lose those keys, those coins are effectively gone. If you keep them safe, only you can move those coins.

The rules for spending these UTXOs are defined by Bitcoin Script, a simple programming language. Each output includes a locking script that sets the spending conditions. Think of it as a lock that specifies what key is needed. When someone wants to spend that output, they provide unlocking data (essentially the key) to satisfy those conditions. The Bitcoin network verifies that the key fits the lock before allowing the transaction.

Bitcoin Script also supports timelocks, which keep transactions invalid until a specified time or block height is reached. These enable sophisticated contracts like Lightning channels, vaults, and escrow arrangements. For example, you could create a transaction that can only be spent after a certain date, or one that requires multiple signatures but allows a backup key after a timeout period.

Address Types and Formats

Bitcoin addresses have evolved over time, and you'll encounter several formats. Don't worry about memorizing the technical details. What matters is understanding that each generation improved on the last in terms of efficiency, privacy, or features. Modern wallets handle the complexity for you.

The key concept is that an address is not the same as a public key. Instead, an address is typically a shorter, encoded version of a public key hash or script hash, like a nickname that's easier to share than the full cryptographic data it represents.

The relationship between private keys, public keys, and addresses follows a specific cryptographic chain. From your private key, Bitcoin derives a public key using elliptic curve cryptography. Think of this as a one-way mathematical function: your private key transforms into a public key that's mathematically linked but computationally impossible to reverse. This public key then gets hashed (compressed through a one-way function) to create your Bitcoin address. The hashing keeps your public key hidden until you spend and makes addresses shorter and easier to share.

The address formats you'll encounter reflect this evolution. Legacy addresses, which start with 1, are the original format and work everywhere but typically incur slightly higher fees. P2SH addresses start with 3 and serve as a wrapper format often used for multisig setups or older SegWit compatibility. Native SegWit addresses start with bc1q and represent the modern default, offering lower fees and all-lowercase characters for easier error checking. Taproot addresses start with bc1p and represent the newest format. Unlike earlier types that hash the public key, Taproot encodes a version of the public key directly, enabling more flexible and private spending conditions where complex scripts can hide behind what looks like a simple single-key payment. Taproot has broad support across modern wallets, though some older services are still catching up.

For most users, simply use whatever address type your wallet generates by default. It will typically be Native SegWit or Taproot, both of which offer good fee efficiency and security.

Transaction Structure and Prioritization

A Bitcoin transaction consists of inputs (the UTXOs being spent) and outputs (the new UTXOs being created). The transaction fee equals the sum of inputs minus the sum of outputs. Once broadcast, transactions enter each node's mempool, which is a pool of unconfirmed transactions waiting to be included in a block.

Here's where economics comes into play. Since blocks have limited space, miners must choose which transactions to include from the mempool. They naturally prioritize transactions that maximize their revenue. However, transactions vary in size. A simple payment might be small while a complex transaction consolidating dozens of small inputs or batching payments to many recipients could be much larger. This is why miners look at fee rate (fee per unit of size) rather than absolute fee. A small transaction paying 10 sats might have a higher rate than a large transaction paying 100 sats. Fee rate is measured in satoshis per virtual byte (sats/vB), where a satoshi is the smallest unit of bitcoin (100 million satoshis equal one bitcoin).

This creates a fee market where users essentially bid for block space. Users needing quick confirmation during network congestion pay higher fee rates. Those who can wait pay less and wait for a quieter period. If a transaction gets stuck, users can use Replace by Fee (RBF) to broadcast a higher fee replacement, or Child Pays for Parent (CPFP) to create a high fee child transaction that incentivizes miners to include the parent. CPFP is used when the sender can't (or doesn't want to) replace the parent but controls one of its outputs (sender's change or the recipient's output). RBF is used when the sender controls the original transaction and it can be replaced.

Privacy Model

Bitcoin is pseudonymous, not anonymous. While addresses are not directly linked to real-world identity, transaction graph analysis can be used to cluster addresses and track the flow of funds. This risk is significantly increased by address reuse, which is why using a fresh address for each transaction is considered a best practice. Furthermore, KYC/AML regulations at crypto exchanges create links between on-chain activity and real-world identity, creating privacy gaps. Companies like Chainalysis have built billion dollar businesses on de-anonymizing blockchains.

At the transaction level, this pseudonymity has specific implications. When you receive bitcoin, only your address (the hash of your public key) appears on the blockchain. But when you spend bitcoin, you must reveal your actual public key along with a digital signature that proves you know the corresponding private key. This is a critical detail: the signature proves ownership without exposing the private key itself. Anyone can verify the signature matches the public key, and that the public key hashes to the address that received the funds, but they can't derive your private key from this information. This revelation of the public key at spending time is why the double-hashing that creates addresses provides an extra security layer, keeping your public key private until the moment you choose to spend.

The coin selection process mentioned earlier in the UTXO section has direct privacy implications. When your wallet chooses which UTXOs to spend, it's creating on-chain patterns that analysts use to cluster addresses. Spending multiple UTXOs together in one transaction strongly suggests they belong to the same owner. Similarly, the change output returning to your wallet can be identified through various heuristics, further linking your addresses.

To address these privacy limitations, various techniques have emerged. Common privacy practices include avoiding address reuse and optionally leveraging CoinJoin-style tools to reduce heuristic linking. CoinJoin combines inputs from many users into a single transaction that produces many outputs of identical (or near identical) denominations. Because all inputs sign the same transaction, on-chain observers cannot reliably determine which input funded which output. This breaks common heuristics like "multi-inputs belong to the same owner" and "change output detection," creating an anonymity set where each coin could plausibly belong to any participant. Modern implementations add features like input registration over Tor, output blinding, equal output denominations, and multi-round mixing to further resist clustering and improve plausible deniability.