From Bitcoin Wiki
Revision as of 04:35, 21 March 2021 by Pancyrus (talk | contribs) (Removed double spaces after sentences.)
Jump to: navigation, search

When the output of a transaction is used as the input of another transaction, it must be spent in its entirety. Sometimes the coin value of the output is higher than what the user wishes to pay. In this case, the client generates a new Bitcoin address, and sends the difference back to this address. This is known as change.

Say you want to buy a candy bar ($1) from a store. You open your wallet (fiat wallet) and inside there is a single $20 bill. What is the min amount you can pay? It isn't $1; you can't rip up 1/20th of the bill and give it to the cashier. You need to pay $20 and since you only owe $1, the cashier gives you back $19. Now in fiat nobody except the central bank can make new bills so bills are in fixed denominations and thus your fiat transaction may look something like the following.

  • Inputs:
    • $20 bill
  • Outputs:
    • $1 bill to cashier
    • $10 bill to you
    • $5 bill to you
    • $1 bill to you
    • $1 bill to you
    • $1 bill to you
    • $1 bill to you

We do it everyday so it becomes instinctive but if you break it down that is what is happening. Now lets imagine for a second that some system existed which allowed the cashier (or anyone) to securely destroy any authentic fiat money (bills) and print replacements in arbitrary amounts (not just $10s and $20s but $18.94537208 if you wanted to), while preventing double spending, counterfeiting, and ensuring that at all times the amount of money created is exactly the same as the amount of money destroyed. In that case your transaction may look like this:

  • Inputs:
    • $20 bill - destroyed
  • Outputs:
    • $1 newly created bill to cashier
    • $19 newly created bill to you

That is exactly how bitcoin works. Except instead of bills we call the elements inputs and outputs. When you "spend" bitcoins (create a transaction) you must use the entire value of an unspent output (of a prior transaction) and make it the input for a new transaction. Your wallet hides this somewhat by continually looking for unspent outputs and adding up their total value. So when your wallet says you have BTC 130 it simply means the sum of all your unspent outputs total BTC 130. Just like a fiat wallet the value comes from one or more discrete bills/outputs.

Take the case of the transaction 0a1c0b1ec0ac55a45b1555202daf2e08419648096f5bcc4267898d420dffef87, a BTC 10.89 previously unspent output was spent by the client. BTC 10 was the payment amount, and BTC 0.89 was the amount of change returned. The client can't spend just BTC 10.00 out of a BTC 10.89 payment anymore than a person can spend $1 out of a $20 bill. The entire BTC 10.89 unspent output became the input of this new transaction and in the process produced are two new unspent outputs which have a combined value of BTC 10.89. The BTC 10.89 is now "spent" and effectively destroyed because the network will prevent it from ever being spent again. Those unspent outputs can now become inputs for future transactions.

In this transaction, the fee is 0 but if there was a transaction fee paid it would be the difference between the inputs and the outputs. (i.e. BTC 10.89 input and a BTC 10.88 output = BTC 0.01 fee).

The wallet file contains the private keys for change addresses, and they can receive and send coins normally. However, the GUI in the default client does not display them in the address book, therefore a recommendation is to backup wallet.dat every 50 transactions.

See Also