Casa Blog - Bitcoin Security Made Easy

While bitcoin is often discussed as a store of value, its function as a medium of exchange should not go overlooked.

Indeed, transacting with bitcoin is different from transacting with traditional assets, and there are some points you should know when sending and receiving bitcoin.

What constitutes a bitcoin transaction?

Bitcoin only exists online, though there are a variety of ways you can transact with it. You can transfer on-chain (on the bitcoin network). You can send and receive it on a Layer 2 network like Lightning. You can even transfer bitcoin in the physical world by sending bitcoin to a small hardware key such as OpenDime and handing it to a friend as a gift.

For the purposes of this article, we will be discussing the fundamentals of on-chain transactions. Usually, when you are first getting started in bitcoin, you purchase it on an exchange and withdraw it to your self-custody as your first bitcoin transaction.

Transacting with bitcoin on-chain requires you to communicate with the thousands of nodes around the world that make up the bitcoin network.

What are bitcoin addresses?

Bitcoin addresses are where you send and receive on the bitcoin network. They are generated from your public key and illustrated as a string of digits and letters. To spend from your address, you must generate a signature from your private key. The below article discusses keys in more detail.

Cryptography 101: Private keys and how they work
How can you prove you own something on the internet? The answer lies in private keys. Learn more about this game-changing technology.

Metaphorically speaking, each address is a mailbox. Bitcoin can be deposited to an address easily, but you need the associated key to spend the funds in it. Nodes maintain a running log of every address on the network.

What’s in an address?

If you ever look at a ledger or your bank account, you’ll notice a long list of entries containing debits and credits. Payments come in and payments go out. This is a system known as double-entry accounting, and it has been used by banks for centuries.

Bitcoin operates similar to this system with some enhancements. Miners and nodes collaborate to curate a blockchain, a running list of batched transactions. The blockchain contains a complete history of the bitcoin network dating back to the first block in 2009.

When you receive bitcoin at your address, you create an unspent transaction output (or UTXO). Unspent transaction outputs are individual entries at a bitcoin address of an amount of bitcoin you can spend someday.

Going back to our mailbox example from above, you can think of UTXOs as envelopes containing a certain amount of bitcoin. When you want to spend bitcoin, you open the envelope up, take all of the bitcoin out, and send it. But once the envelope is open, there is no reusing it. Any remaining bitcoin you don’t spend moves to a fresh envelope.

Each incremental UTXO at an address creates more data that will eventually need to be processed on the network when you transact, resulting in a higher transaction fee. Additionally, this cost can be further increased when combined with a multisig wallet because signatures also contain data. Because UTXOs can impact transaction fees, it’s prudent to give thought to the amount you transact with at any given time.

While we encourage the bitcoin community to transfer their bitcoin on-chain to self-custody as soon as possible, it’s important to not get carried away. Reducing deposits to your hardware wallet or Casa vault can be a great way to save on transaction fees in the future. Additionally, using a Lightning wallet can be a helpful alternative for transacting small amounts with barely any fees.

If you have a lot of UTXOs, there is a strategy that can help you mitigate higher fees. UTXO consolidation is a process where you transfer the bitcoin from many UTXOs to a new one at a new address with an on-chain transaction. For best results, you want to perform this at a time when the fee market is down. Timing makes a difference.

Click here for a full view of this graphic.

Transacting with bitcoin

When someone sends you bitcoin, what they’re really doing is broadcasting to the network, “Hey, everyone. I am transferring ownership of this bitcoin to this address.” This is done with a signature, a form of cryptographic proof.

The bitcoin nodes then validate the transaction to ensure it is compliant with the consensus rules, the technical parameters behind bitcoin. In essence, the nodes verify the math behind the transaction. Nodes accept or reject the transaction depending on if it follows the rules. For instance, if you try to send 42 million bitcoin to someone, the nodes will reject the transaction because it does not adhere to the 21 million limit and is, therefore, not bitcoin.

Once your transaction is approved, it’s added to the mempool, a queue of bitcoin transactions waiting to be confirmed.

For security reasons, it’s best to avoid reusing bitcoin addresses once you’ve spent from them. Any remaining bitcoin from a transaction is generally sent to a change address, a separate address with a new UTXO.

Confirmation: your moment of zen

Once your transaction is broadcasted, you wait for it to be confirmed on the bitcoin blockchain.

Transactions are compiled into blocks that are confirmed via the mining process. Blocks are typically confirmed every 10 minutes or so, though this can fluctuate wildly. Confirmation can take anywhere from a few minutes to a few days, depending on how high of a transaction fee is paid. If you want your transaction to be confirmed immediately, you should pay a higher transaction fee.

Fees also fluctuate depending on market demand for blockspace. There is a limit on how much data can be processed in each block, which is part of what enables the network to be decentralized.

It’s sometimes recommended to check the fee market before proceeding with a transaction to ensure your fee is processed in a timely manner. For instance, if you attempt a transaction with a fee significantly lower than the going market rate, your transaction could get stuck or purged from the mempool. If this happens to you and you’re a Casa member, visit our Support Center for troubleshooting instructions.

Transactions are not considered final until they have been confirmed, and the numbers of confirmation required can differ depending on the product or service you’re using.

If you’re waiting for a transaction to confirm, try not to worry about it. Nodes are communicating with each other all around the world, and this function is part of what makes bitcoin secure and decentralized. And confirmation is worth the wait.

Final thoughts

As a medium of exchange, bitcoin is a powerful technology. Now that you have a block-by-block understanding of transactions, you’re free to harness the full economic power of your asset.

Want to learn more about security?

Our weekly Security Briefing newsletter provides quick updates on crypto security with analysis from Casa’s experts. Sign up here.