Unspent transaction output


In cryptocurrencies, an unspent transaction output (UTXO) is a distinctive element in a subset of digital currency models. A UTXO represents a certain amount of cryptocurrency that has been authorized by a sender and is available to be spent by a recipient. The utilization of UTXOs in transaction processes is a key feature of many cryptocurrencies, but it primarily characterizes those implementing the UTXO model. [1]


UTXOs employ public key cryptography to ascertain and transfer ownership. More specifically, the recipient's public key is formatted into the UTXO, thereby limiting the capability to spend the UTXO to the account that can demonstrate ownership of the corresponding private key. A valid digital signature associated with the public key must be included for the UTXO to be spent. [2]

UTXOs constitute a chain of ownership depicted as a series of digital signatures dating back to the coin's inception, regardless of whether the coin was minted via mining, staking, or another procedure determined by the cryptocurrency protocol. [2]

Prominent examples of cryptocurrencies adopting the UTXO model include Bitcoin and Cardano. Cardano utilizes an extended version of the UTXO model known as EUTXO. [3]

Origins

The conceptual framework of the UTXO model can be traced back to Hal Finney's Reusable Proofs of Work proposal, [4] which itself was based on Adam Back's 1997 Hashcash proposal. [5] Bitcoin, released in 2009, was the first widespread implementation of the UTXO model in practice. [1]

Comparison: UTXO Model vs. Account Model

Cryptocurrencies that use the UTXO model function differently from those using the account model. In the UTXO model, individual units of cryptocurrency, termed unspent transaction outputs (UTXOs), are transferred between users, analogous to the exchange of physical cash. [6] This model affects how transactions and ownership are recorded and verified within the blockchain network.

In the UTXO model, each unit of currency is treated as a discrete object. The history of a UTXO is documented only within the blocks where it is transferred. To ascertain the total balance of an account, one must scan each block to find the latest UTXOs linked to that account. While all nodes within a blockchain network must agree on the block history, the blocks relevant to an account's balance are unique to that account.

In contrast, the account model preserves a record of each account and its corresponding balance for every block added to the network. This setup enables quicker balance verification without the need to scan historical blocks, but it increases the raw size of each block (though data compression techniques can be used to alleviate this). Regardless of these differences, both models require the inspection of past blocks to fully authenticate the origin of coins.

In the UTXO model, each object is immutable - units of coins cannot be 'edited' in the same way an account balance is modified when a transaction occurs. Rather, the balance is computed from the transaction history dating back to when the coins were first minted. This simplicity enhances security as a UTXO either exists in its anticipated form or it does not. In contrast, the account model requires meticulous verification of the account's status during transactions, which can lead to oversights if not conducted correctly.

The UTXO model's inherent characteristics also make it well-suited for off-chain protocols, such as sidechains and the Lightning Network. Conversely, the account model simplifies the task of storing the 'state' of transactions, but this ease doesn't necessarily imply superiority. The Extended UTXO (EUTXO) model, for example, introduces more explicit and cleaner state transitions, reducing the potential for unexpected outcomes. Although the EUTXO model may be more complex to handle, it offers enhanced security and straightforwardness.

UTXO set

The collective of UTXOs present in a blockchain constitutes a set. Each transaction in the network removes some elements from this set (those being spent) and adds new ones (those being created). This UTXO set effectively represents all the coins within a specific cryptocurrency system at a given time. [7]

In a broader sense, the set of all transaction outputs is a superset of the UTXO set: every UTXO is an output, but not every output is still unspent. This relationship and the dynamics of UTXOs, such as their lifespan within Bitcoin's system, have been subjects of research. [8]

In valid blockchain transactions, only unspent outputs (UTXOs) are permissible for funding subsequent transactions. This requirement is critical to prevent double-spending and fraud. Accordingly, inputs in a transaction are removed from the UTXO set, while outputs create new UTXOs that are added to the set. The holders of private keys, such as those with cryptocurrency wallets, can utilize these UTXOs for future transactions. [1]
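The set update and double-spend rule described above can be seen in a minimal model. This is an added example, not code from the article or from any cryptocurrency implementation; the names `Output`, `Tx`, `apply_tx` and `balance` are hypothetical, and the `signer` field is an assumption that stands in for real digital-signature verification.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Output:
    owner: str   # stands in for the recipient's public key
    amount: int  # value in the smallest currency unit

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple     # outpoints (txid, index) being spent
    outputs: tuple    # Output objects being created
    signer: str = ""  # stands in for a valid signature by this key

class InvalidTx(Exception):
    pass

def apply_tx(utxo_set, tx, coinbase=False):
    """Return a new UTXO set with tx applied, or raise InvalidTx."""
    if len(set(tx.inputs)) != len(tx.inputs):
        raise InvalidTx("outpoint listed twice in one transaction")
    spent = 0
    for outpoint in tx.inputs:
        prev = utxo_set.get(outpoint)
        if prev is None:  # never created, or already spent
            raise InvalidTx(f"{outpoint} is not in the UTXO set")
        if prev.owner != tx.signer:
            raise InvalidTx(f"signer does not control {outpoint}")
        spent += prev.amount
    if any(o.amount < 0 for o in tx.outputs):
        raise InvalidTx("negative output amount")
    if not coinbase and sum(o.amount for o in tx.outputs) > spent:
        raise InvalidTx("outputs exceed inputs")
    new_set = {k: v for k, v in utxo_set.items() if k not in tx.inputs}
    for index, out in enumerate(tx.outputs):
        new_set[(tx.txid, index)] = out
    return new_set

def balance(utxo_set, owner):
    """A balance is derived by summing the owner's unspent outputs."""
    return sum(o.amount for o in utxo_set.values() if o.owner == owner)

def demo():
    """Constructed ledger: mint 50 to alice, pay bob 30, then replay the input."""
    utxos = apply_tx({}, Tx("mint0", (), (Output("alice", 50),)), coinbase=True)
    pay = Tx("tx1", (("mint0", 0),), (Output("bob", 30), Output("alice", 20)), "alice")
    utxos = apply_tx(utxos, pay)
    replay = Tx("tx2", (("mint0", 0),), (Output("carol", 50),), "alice")
    try:
        apply_tx(utxos, replay)
        return utxos, False
    except InvalidTx:
        return utxos, True
```

The replayed transaction fails because its input no longer exists in the set, which is the "exists or does not" property the comparison section attributes to the UTXO model.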

The Extended UTXO (EUTXO) Model

The Extended UTXO (EUTXO) model is an advanced iteration of the traditional Unspent Transaction Output (UTXO) model. It expands on the fundamental UTXO model, incorporating enhanced features to increase flexibility and utility while maintaining the model's inherent advantages in security, predictability, and parallelizability. [9]

In the EUTXO model, UTXOs can be linked to arbitrary pieces of data and logic in the form of smart contracts. This allows UTXOs to carry state in a way that remains compatible with the parallel processing of transactions and the predictable resource consumption inherent to the UTXO model. It results in more expressive and complex contracts compared to those feasible under the basic UTXO model, bridging the gap between the UTXO and account models in terms of contract functionality.

Each UTXO in the EUTXO model is associated with a data value that can change as the UTXO is consumed and new ones are created, allowing contracts to maintain state across transactions. This enriched data structure offers the EUTXO model an extended ability to facilitate smart contract development while still maintaining the immutability and auditability of the standard UTXO model.
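A simplified model of an output that carries a datum and validator logic, showing how contract state moves from a consumed output to a newly created one. This is an added example, not Plutus code or anything from the article; `EOutput`, `ETx`, `counter_validator` and `validate` are hypothetical names, and the UTXO set update and duplicate-input checks are omitted to keep the focus on the validator.

```python
from dataclasses import dataclass
from typing import Any, Callable

@dataclass(frozen=True)
class EOutput:
    value: int
    datum: Any           # contract state carried by this output
    validator: Callable  # (datum, redeemer, tx) -> bool

@dataclass(frozen=True)
class ETx:
    inputs: tuple   # pairs of (outpoint, redeemer)
    outputs: tuple  # EOutput objects being created

def counter_validator(datum, redeemer, tx):
    """Permit spending only if the tx recreates the counter with datum + 1."""
    if redeemer != "increment":
        return False
    successors = [o for o in tx.outputs if o.validator is counter_validator]
    return len(successors) == 1 and successors[0].datum == datum + 1

def validate(utxo_set, tx):
    """Pure check: depends only on tx and the outputs it spends."""
    spent = 0
    for outpoint, redeemer in tx.inputs:
        out = utxo_set.get(outpoint)
        if out is None or not out.validator(out.datum, redeemer, tx):
            return False
        spent += out.value
    return sum(o.value for o in tx.outputs) <= spent

# Constructed sample state: one counter output holding datum 0.
GENESIS = ("genesis", 0)
UTXOS = {GENESIS: EOutput(10, 0, counter_validator)}

def run_cases():
    step = ETx(((GENESIS, "increment"),), (EOutput(10, 1, counter_validator),))
    skip = ETx(((GENESIS, "increment"),), (EOutput(10, 5, counter_validator),))
    drain = ETx(((GENESIS, "withdraw"),), (EOutput(10, 0, lambda d, r, t: True),))
    return {"step": validate(UTXOS, step), "skip": validate(UTXOS, skip),
            "drain": validate(UTXOS, drain)}
```

Because `validate` reads nothing but the transaction and the outputs it spends, its result can be computed before submission, which is the predictability the section describes.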

The EUTXO model is used in cryptocurrencies like the Cardano blockchain to facilitate more complex financial transactions and automated scripts. It serves as the basis for Plutus, Cardano's smart contract development platform, and allows it to handle complex, stateful contracts while maintaining a high level of security and predictability. [9]

Despite its added complexity, the EUTXO model maintains the critical advantages of the UTXO model. It preserves predictable resource consumption, a valuable property for contract execution, and it supports high degrees of parallelism for transaction processing, a crucial feature for blockchain scalability.


Related Research Articles

Financial cryptography is the use of cryptography in applications in which financial loss could result from subversion of the message system. Financial cryptography is distinguished from traditional cryptography in that for most of recorded history, cryptography has been used almost entirely for military and diplomatic purposes.

Proof of work (PoW) is a form of cryptographic proof in which one party proves to others that a certain amount of a specific computational effort has been expended. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Moni Naor and Cynthia Dwork in 1993 as a way to deter denial-of-service attacks and other service abuses such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. The concept was adapted to digital tokens by Hal Finney in 2004 through the idea of "reusable proof of work" using the 160-bit secure hash algorithm 1 (SHA-1).

Double-spending is the unauthorized production and spending of money, either digital or conventional. It represents a monetary design problem: a good money is verifiably scarce, and where a unit of value can be spent more than once, the monetary property of scarcity is challenged. As with counterfeit money, such double-spending leads to inflation by creating a new amount of copied currency that did not previously exist. Like all increasingly abundant resources, this devalues the currency relative to other monetary units or goods and diminishes user trust as well as the circulation and retention of the currency.

Bitcoin: Decentralized digital currency

Bitcoin is the first decentralized cryptocurrency. Nodes in the peer-to-peer bitcoin network verify transactions through cryptography and record them in a public distributed ledger, called a blockchain, without central oversight. Consensus between nodes is achieved using a computationally intensive process based on proof of work, called mining, that guarantees the security of the bitcoin blockchain. Mining consumes large quantities of electricity and has been criticized for its environmental impact.

Cryptocurrency: Digital currency not reliant on a central authority

A cryptocurrency, crypto-currency, or crypto is a digital currency designed to work as a medium of exchange through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it. It has, from a financial point of view, grown to be its own asset class. However, on the contrary to other asset classes like equities or commodities, sectors have not been officially defined as of yet, though abstract versions of them exist.

Bitcoin protocol: Rules that govern the functioning of Bitcoin

The Bitcoin protocol is the set of rules that govern the functioning of Bitcoin. Its key components and principles are: a peer-to-peer decentralized network with no central oversight; the blockchain technology, a public ledger that records all Bitcoin transactions; mining and proof of work, the process to create new bitcoins and verify transactions; and cryptographic security.

Zerocoin is a privacy protocol proposed in 2013 by Johns Hopkins University professor Matthew D. Green and his graduate students, Ian Miers and Christina Garman. It was designed as an extension to the Bitcoin protocol that would improve Bitcoin transactions' anonymity by having coin-mixing capabilities natively built into the protocol. Zerocoin is not currently compatible with Bitcoin.

Ethereum: Open-source blockchain computing platform

Ethereum is a decentralized blockchain with smart contract functionality. Ether is the native cryptocurrency of the platform. Among cryptocurrencies, ether is second only to bitcoin in market capitalization. It is open-source software.

A blockchain is a distributed ledger with growing lists of records (blocks) that are securely linked together via cryptographic hashes. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data. Since each block contains information about the previous block, they effectively form a chain, with each additional block linking to the ones before it. Consequently, blockchain transactions are irreversible in that, once they are recorded, the data in any given block cannot be altered retroactively without altering all subsequent blocks.

A decentralised application is an application that can operate autonomously, typically through the use of smart contracts, that run on a decentralized computing, blockchain or other distributed ledger system. Like traditional applications, DApps provide some function or utility to its users. However, unlike traditional applications, DApps operate without human intervention and are not owned by any one entity, rather DApps distribute tokens that represent ownership. These tokens are distributed according to a programmed algorithm to the users of the system, diluting ownership and control of the DApp. Without any one entity controlling the system, the application is therefore decentralised.

A distributed ledger is a system whereby replicated, shared, and synchronized digital data is geographically spread (distributed) across many sites, countries, or institutions. In contrast to a centralized database, a distributed ledger does not require a central administrator, and consequently does not have a single (central) point-of-failure.

Ethereum Classic: Blockchain computing platform

Ethereum Classic is a blockchain-based distributed computing platform that offers smart contract (scripting) functionality. It is open source and supports a modified version of Nakamoto consensus via transaction-based state transitions executed on a public Ethereum Virtual Machine (EVM).

Cardano (blockchain platform): Public blockchain platform

Cardano is a public blockchain platform. It is open-source and decentralized, with consensus achieved using proof of stake. It can facilitate peer-to-peer transactions with its internal cryptocurrency, ADA.

Segregated Witness, or SegWit, is the name used for an implemented soft fork change in the transaction format of Bitcoin.

A cryptocurrency wallet is a device, physical medium, program or an online service which stores the public and/or private keys for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often offers the functionality of encrypting and/or signing information. Signing can for example result in executing a smart contract, a cryptocurrency transaction, identification, or legally signing a 'document'.

A blockchain is a shared database that records transactions between two parties in an immutable ledger. Blockchain documents and confirms pseudonymous ownership of all transactions in a verifiable and sustainable way. After a transaction is validated and cryptographically verified by other participants or nodes in the network, it is made into a "block" on the blockchain. A block contains information about the time the transaction occurred, previous transactions, and details about the transaction. Once recorded as a block, transactions are ordered chronologically and cannot be altered. This technology rose to popularity after the creation of Bitcoin, the first application of blockchain technology, which has since catalyzed other cryptocurrencies and applications.

Ouroboros (protocol): Blockchain protocol

Ouroboros is a family of proof-of-stake consensus protocols used in the Cardano and Polkadot blockchains. It can run both permissionless and permissioned blockchains.

Colored Coins is an open-source protocol that allows users to represent and manipulate immutable digital resources on top of Bitcoin transactions. They are a class of methods for representing and maintaining real-world assets on the Bitcoin blockchain, which may be used to establish asset ownership. Colored coins are bitcoins with a mark on them that specifies what they may be used for. Colored coins are also considered the initial step toward NFTs built on top of the Bitcoin network.

Nervos Network is a proof-of-work blockchain platform which consists of multiple blockchain layers that are designed for different functions. The native cryptocurrency of this layer is called CKB. Smart contracts and decentralized applications can be deployed on the Nervos blockchain. The Nervos Network was founded in 2018.

References

  1. Antonopoulos, Andreas M. (2017). Mastering Bitcoin: Unlocking Digital Cryptocurrencies. O'Reilly Media, Inc.
  2. Delgado-Segura, Sergi; Pérez-Sola, Cristina; Navarro-Arribas, Guillermo; Herrera-Joancomartí, Jordi (2019). "Analysis of the Bitcoin UTXO Set". Financial Cryptography and Data Security. Lecture Notes in Computer Science. Vol. 10958. Springer. pp. 78–91. doi:10.1007/978-3-662-58820-8_6. ISBN 978-3-662-58819-2.
  3. Chakravarty, Manuel M.T.; Chapman, James; MacKenzie, Kenneth; Melkonian, Orestis; Peyton Jones, Michael; Wadler, Philip (2020). "The Extended UTXO Model". Financial Cryptography and Data Security. Lecture Notes in Computer Science. Vol. 12063. Springer. pp. 525–539. doi:10.1007/978-3-030-54455-3_37. ISBN 978-3-030-54454-6.
  4. "Reusable Proofs of Work". nakamotoinstitute.org. August 16, 2004.
  5. "Hashcash - A Denial of Service Counter-Measure". hashcash.org. March 28, 1997.
  6. "Unspent Transaction Output (UTXO)". river.com/learn/. December 15, 2020.
  7. "UTXO Set". river.com/learn/. December 15, 2020.
  8. "Bitcoin UTXO Lifespan Prediction" (PDF). cs229.stanford.edu. December 11, 2015.
  9. Chakravarty, Manuel M. T.; Chapman, James; MacKenzie, Kenneth; Melkonian, Orestis; Peyton Jones, Michael; Wadler, Philip (2020). "The Extended UTXO Model". In Bernhard, Matthew; Bracciali, Andrea; Camp, L. Jean; Matsuo, Shin'ichiro; Maurushat, Alana; Rønne, Peter B.; Sala, Massimiliano (eds.). Financial Cryptography and Data Security. Lecture Notes in Computer Science. Cham: Springer International Publishing. pp. 525–539. doi:10.1007/978-3-030-54455-3_37. ISBN 978-3-030-54455-3.