From Bitcoin Wiki
Revision as of 18:15, 25 July 2017 by Belcher (talk | contribs) (added coin analogy page link)
Jump to: navigation, search

When the output of a transaction is used as the input of another transaction, it must be spent in its entirety. Sometimes the coin value of the output is higher than what the user wishes to pay. In this case, the client generates a new Bitcoin address, and sends the difference back to this address. This is known as change.

Say you want to buy a candy bar ($1) from a store. You open your wallet (fiat wallet) and inside there is a single $20 bill. What is the min amount you can pay? It isn't $1; you can't rip up 1/20th of the bill and give it to the cashier. You need to pay $20 and since you only owe $1, the cashier gives you back $19. Now in fiat nobody except the central bank can make new bills so bills are in fixed denominations and thus your fiat transaction may look something like the following.

  • Inputs:
    • $20 bill
  • Outputs:
    • $1 bill to cashier
    • $10 bill to you
    • $5 bill to you
    • $1 bill to you
    • $1 bill to you
    • $1 bill to you
    • $1 bill to you

We do it everyday so it becomes instinctive but if you break it down that is what is happening. Now lets imagine for a second that some system existed which allowed the cashier (or anyone) to securely destroy any authentic fiat money (bills) and print replacements in arbitrary amounts (not just $10s and $20s but $18.94537208 if you wanted to), while preventing double spending, counterfeiting, and ensuring that at all times the amount of money created is exactly the same as the amount of money destroyed. In that case your transaction may look like this:

  • Inputs:
    • $20 bill - destroyed
  • Outputs:
    • $1 newly created bill to cashier
    • $19 newly created bill to you

That is exactly how bitcoin works. Except instead of bills we call the elements inputs and outputs. When you "spend" bitcoins (create a transaction) you must use the entire value of an unspent output (of a prior transaction) and make it the input for a new transaction. Your wallet hides this somewhat by continually looking for unspent outputs and adding up their total value. So when your wallet says you have 130 BTC it simply means the sum of all your unspent outputs total 130 BTC. Just like a fiat wallet the value comes from one or more discrete bills/outputs.

Take the case of the transaction 0a1c0b1ec0ac55a45b1555202daf2e08419648096f5bcc4267898d420dffef87, a 10.89 BTC previously unspent output was spent by the client. 10 BTC was the payment amount, and 0.89 BTC was the amount of change returned. The client can't spend just 10.00 BTC out of a 10.89 BTC payment anymore than a person can spend $1 out of a $20 bill. The entire 10.89 BTC unspent output became the input of this new transaction and in the process produced are two new unspent outputs which have a combined value of 10.89 BTC. The 10.89 BTC is now "spent" and effectively destroyed because the network will prevent it from ever being spent again. Those unspent outputs can now become inputs for future transactions.

In this transaction, the fee is 0 but if there was a tx fee paid it would be the difference between the inputs and the outputs. (i.e. 10.89 BTC input and a 10.88 BTC output = 0.01 BTC fee).

The wallet file contains the private keys for change addresses, and they can receive and send coins normally. However, the GUI in the default client does not display them in the address book, therefore a recommendation is to backup wallet.dat every 50 transactions.

See Also