Symbolic number, as there can only ever be 21 million Bitcoin in existence. It is not known why Satoshi Nakamoto chose this exact number.
Referring either to the expected growth in a coin, or the amount of leverage used in a margin trade. Either a sign of extreme bullishness or willingness to take risks.
A majority of Bitcoin miners could collude in proof of work blockchains to attack the chain. Such an attack would not allow miners to steal any funds, but they could reverse recently confirmed transactions and block specific or general transactions, for example, by freezing funds. A successful 51% attack can bring the system to a halt.
To send somebody Bitcoin, you need their Bitcoin Address. An address is technically the SHA-256 hash of a public key or script, pre-fixed with 1, 3, or bc1. It can either be encoded with base58 or bech32.
The process of awarding a newly created Altcoin to existing Bitcoin holders. Usually, this process requires users to enter their private keys into the Altcoin client—a dangerous move that requires the user to move their Bitcoin first before they claim their airdrop.
Swapping a Bitcoin for an Altcoin in a way that doesn’t require escrow is called an Atomic Swap. It is a transaction made under the condition of another transaction and enforced with cryptography, which makes it impossible for any of the two parties to cheat. An atomic swap can be a good example of a smart contract.
Used to make large numbers shorter and easier to parse than binary or the commonly used base10 (using the familiar system of numbers of 0-9). Base58 is the encoding scheme used for P2SH and P2PKH Bitcoin addresses, starting with 1 or 3. It includes the numbers 1-9, all uppercase characters except for I & O and all lower case characters except for l (as they could be mistaken for similar characters). See also: Bech32.
Usually, a Bitcoin transaction contains one destination output and one change output. Services that make multiple transactions, however, have an incentive to ‘batch’ transactions. A single transaction with multiple outputs instead of multiple transactions saves blockspace and fees.
A person pessimistic about Bitcoin.
A heavy trader who is pessimistic or selling large amounts of coins.
Bitcoin Improvement Proposal is a commonly accepted procedure to propose changes and additions to the Bitcoin code. Not all BIPs are relevant to the Nakamoto Consensus—some simply govern procedures, best practices, or standards.
A Bitcoin Automatic Teller Machine sells Bitcoin in exchange for paper currency. Some machines can also dispense fiat.
In August 2017, a group of Bitcoin enthusiasts changed the consensus rules of Bitcoin, particularly those governing the block size. As only a few miners and participants joined them, the network permanently forked. Everybody who held Bitcoin before the fork received an equal amount of Bitcoin Cash (known as an airdrop), which can be traded on other exchanges.
Bitcoind, short for Bitcoin Daemon, is the command-line version of Bitcoin Core.
Bitcoin-qt (pronounced cute) is the graphical interface of Bitcoin Code, the most popular Bitcoin client. Named after the QT widget toolkit, on which it is built.
A person that uses Bitcoin. Transacting, verifying, saving and mining are all uses of Bitcoin.
A block contains transactions. Each block references its predecessor, forming a long chain back to the Genesis Block. The first transaction in a block currently creates 6.25 Bitcoin from nowhere—the block subsidy. A block is found, on average, every ten minutes by a miner. The block is then propagated around the network and accepted by the nodes as long as it conforms to the consensus rules.
Also called the block reward. For each block that a miner finds, they are allowed to ‘create’ Bitcoin out of nowhere. How many Bitcoin they are allowed to create is defined by Bitcoin’s consensus rules. The Bitcoin they are allowed to create is called the block subsidy.
The first 210,000 Bitcoin blocks contained a 50 BTC reward, the next 210,000 blocks 25 BTC, currently 12.5 BTC and in 2020 there will only be 6.25 BTC per block. 99% of all coins will be mined before 2037, all but 100 Bitcoin will be mined before 2081, and all but one Bitcoin by 2109. This will continue until the block subsidy halved 34 times, around 2145. From then on, transaction fees will be the sole incentive to mine Bitcoin. See also: Halving.
Blocks always reference the previous block, which creates a chain of data. This chain is called the blockchain or ledger.
The allowed size of a block in the Bitcoin blockchain. Since 2010, the limit is 1MB. The SegWit softfork allows signature data storage outside of a block, making the block size measurement obsolete. Instead, block weight is used. The effective maximum block size is now almost double or even quadruple of 1MB.
Bitcoin blocks are limited in size, and the amount of available space is called blockspace. There are fees to use this space and the process through which miners select transactions and include them in a block is called the fee market.
Alternative name for a Bitcoin ATM.
A person optimistic about Bitcoin.
Usually measured in transactions per second, or TPS, the capacity of the Bitcoin network varies, depending on the types of transactions. Generally, it is between 3 and 5 TPS depending on what types of transactions we assume are being used (see SegWit and batching).
When spending Bitcoin, you will have to reference a previous incoming transaction, so all Bitcoin are always accounted for on the blockchain. But rarely do previous inputs match the amount you want to send, so you’ll have to group inputs together and send the remaining bitcoin back to yourself as change.
The transaction containing the Block reward has no input. Instead, arbitrary data, such as a number or a message, is used as its coinbase. Not to be confused with the popular Bitcoin exchange of the same name.
A technique that mixes the transactions of multiple people to obfuscate which inputs belong to which outputs.
Bitcoins stored on a medium (such as a computer, USB stick, or piece of paper) which has never connected to the internet.
A transaction can be attributed (colored) with a special meaning, such as representing a deed. This deed can then be moved around and stored like a regular Bitcoin transaction, without you accidentally mixing and spending it with your regular Bitcoin.
When a transaction is included in a block by a miner, it is considered to have one confirmation. Each subsequently found block adds another confirmation. Only sufficiently confirmed transactions are considered ‘final.’ Due to the possibilities of attacks, it might be possible to reverse a transaction that only has one or two confirmations. But, after six confirmations, a transaction is generally considered to be irreversible, although depending on the size of the transaction, it might be unviable to double spend it much earlier. Unconfirmed transactions are generally thought to be insecure, although attacks are rare.
Cryptography or cryptology is the technique of hiding information, securing, and authenticating communications.
An art and literature genre in which advanced technology is pinned against a dystopian society in which poverty prevails. Bitcoin is often associated with such a future because of its ability to function without governments. Not to be confused with Cypherpunk.
A social movement that aims to empower the individual through the spread of technology, in particular cryptography. Bitcoin was first announced on the Cryptography mailing list, where many cypherpunks gathered and discussed their proposals. “Cypherpunks code” is a popular slogan attributed to the movement.
A measurement of when coins that have been stored for a long time are suddenly spent. One hundred Bitcoin that is spent after staying in a wallet for one year is counted as 36,500 (365*100) ‘Days Destroyed.’ A sudden spike could be indicative of a bearwhale selling their coins.
Blocks are supposed to be found by miners, on average, every 10 minutes. As new miners join, they find blocks faster and faster. The difficulty is adjusted every 2016 blocks (roughly two weeks) to slow down the creation of new Bitcoins. When miners turn off their machines, difficulty eventually decreases.
The fundamental problem solved by the Nakamoto Consensus. In Bitcoin’s blockchain, nobody is able to spend a Bitcoin twice after a certain amount of time has passed and the transaction has been confirmed.
In a double spend attack, a user would attempt to defraud a participant by sending a coin, getting one or two confirmations, then attacking the blockchain by mining a contradicting block of the same height as the block containing the transaction. This becomes easier the more hashing power an attacker has (51% attack), and more difficult the more confirmations a block has. After six confirmations, a transaction is generally considered irreversible even with millions of dollars spent on the attack.
Elliptic Curve Digital Signature Algorithm is the algorithm used by Bitcoin to generate private and public key pairs and verify their signatures. It is not clear Satoshi Nakamoto chose this algorithm, as it was relatively unknown at the time of Bitcoin’s release.
A contract between two trading partners and a third-party broker, who is only expected to intervene if one of the parties calls for them, eg. something going wrong in the agreement.
It is relatively expensive to escrow traditional funds when compared to Bitcoin, where escrow can be cheaply established using a 2-of-3 multisignature wallet. If the contract is fulfilled, the two transacting parties can move the funds without the need for the escrow party to intervene, contrary to traditional arrangements, where the broker always needs to intervene. Another advantage in Bitcoin is that the broker is never in full control of the funds. They can only steal funds by colluding with at least one of the transacting partners.
An explorer, or blockexplorer, is a tool or website that allows you to conveniently navigate the data stored on a blockchain. This includes looking up addresses and their associated balances, pending and confirmed transactions, and metadata such as OP_Return.
Due to limited blockspace, a transaction has to pay a fee to be included in a block. Ideally, the optimal fee is discovered in a functional fee market. In the long run, fees will be the main incentive for miners to continue mining, as the block subsidy will slowly go to zero.
Due to limited blockspace, a transaction has to pay a fee to be included in a block. Ideally, a well-functioning market determines how expensive fees are. During times of congestion, a higher fee must be paid to get a transaction confirmed, while a lower fee will allow the transaction to stay in the mempool until times of lower congestion. RBF is an important tool for the Fee market.
Fiat money is currency issued by a government.
Similar to a DDoS attack, a flood attack ‘floods’ the mempool with transactions. In a functional fee market, this raises transaction fees and limits the capacity of the network. Flood attacks can be expensive for the attacker—either they will have to pay transaction fees to the miners, or, if they are a miner themselves, bear the opportunity cost of not including other paying transactions.
When all participants no longer agree on the state of the network, it has forked. This can happen as the result of a bug, mistake, or deliberate act. For example, a widening of the rules (such as increasing the Block Size or the number of Bitcoins in existence) inevitably leads to a network fork. See also: Hardfork and softfork.
All blockchains have a Genesis Block, which is the first block in the blockchain. In the Bitcoin blockchain, the Genesis Block famously contains the message “The Times | 1/3/2009 | Chancellor on Brink of Second Bailout for Banks”. The Bitcoins in the Genesis Block cannot be spent.
Every 210,000 blocks, the block reward is halved. Starting from 50 BTC per block in 2009, it currently stands at only 6.25 BTC, after three halvings. Eventually, the block reward will go to zero, after 33 halvings. Also called a “halvening” (halving & happening), this event is popularly celebrated, similar to a New Year’s Day of Bitcoin.
Any change that widens the existing ruleset (meaning to allow something that was previously NOT allowed) is considered a hardfork. Unless all participants upgrade their software, such a rule change will lead to a chain split, commonly called a fork.
A specialized chip that contains a secure enclave which stores your private key. It is only a hardware wallet if the private keys cannot be extracted.
A hash is the output of a -> hash function. A Bitcoin address is the result of applying the SHA-256 function twice to its public key. Bitcoin mining uses the same hash function to let computers prove they used a certain amount of electricity in Bitcoin’s proof of work algorithm.
A hash function is a cryptographic ‘one-way’ function that compresses any data into a number known as a hash. This number can be used as a fingerprint for any data. A hash function is considered secure if its output cannot be predicted, and if there are no two known strings that compute the same hash.
The number of hashes that a Bitcoin miner can perform.
Each block has a height, which is its sequence in the Blockchain starting from Block 0 on January 3, 2009.
A misspelling of hold. Represents the ethos of saving and long-term planning, as opposed to simply spending your coin. Often criticized for its “hoarding” mentality, many Bitcoiners prefer a culture of savings and long-term planning. For some reason, HODL is often seen as an acronym of Hold On for Dear Life in the press.
A wallet running on a computer or phone that is connected to the internet. See also: -> Cold wallet.
Input and output
A Bitcoin transaction typically references one or more inputs as the origin of its funds and two or more outputs. The output that does not point to a payee is a change output. Only a coinbase transaction has no input, as it creates Bitcoin from thin air.
Another name for the Bitcoin blockchain. More generally, a ledger is a record of transactions and assets, similar to a balance sheet. In the Lightning Network, each participant has their own ledger, while in the Bitcoin network everyone shares the same ledger.
The Lightning Network is a network that sits ‘on top’ of Bitcoin. Participants can connect to the network by depositing Bitcoin into specialized smart contracts. They can then make infinite transactions with each other at very low fees, without being limited by Bitcoin’s capacity constraints.
A feature of the smart contracts used in the Lightning Network is the concept of Check-Locktime-Verify, or CLTV. It creates a transaction that is only redeemable after a certain amount of time has passed.
A bug in standard Bitcoin transactions allows anybody to change the transaction ID before the transaction has been mined. This bug makes it difficult to chain unconfirmed transactions to each other. It was fixed by introducing a new transaction standard called SegWit.
When trading Bitcoin with leverage, your position is only secured to the point where your loss reaches your collateral. If that happens, you are ‘margin called’ and your collateral (e.g., your Bitcoin) are sold and you are rekt.
Bitcoin’s Merkelized Abstract Syntax Trees aim to allow for more complicated smart contracts in Bitcoin. It allows to specify a set of conditions under which Bitcoin can be spent, without having to reveal all these conditions at once. Instead, they are individually hashed into a Merkle Tree.
Somebody who only owns or uses Bitcoin, and who believes it is the only cryptocurrency or blockchain system worth spending time and effort on. Often coupled with the belief that strong network effects will lead to only one cryptocurrency dominating global payments.
Each client maintains a record of all unconfirmed transactions. This list makes up the mempool. A transaction is removed from the mempool if a client deems it to be too old, or if it is included in a block.
The single hash at the bottom (or top) of a Merkle tree is called the Merkle root. No value in the Merkle tree can be changed without also changing this root. This root is included in the block header.
See: Seed phrase
Where is Bitcoin going? To the moon!
A cryptocurrency exchange that once made up almost all of the global Bitcoin trading volume. Infamously defaulted in 2014 after admitting to losing most of their customers’ money.
Short for multisignature, a multisig is a type of address that allows multiple parties to collectively control funds. A 2-of-2 multisig has two parties, both of which are needed to sign off on every transaction. It is commonly used in the Lightning Network. 2-of-3 multisig addresses are commonly used for cold storage or escrow.
A derogatory term for somebody who does not own any cryptocurrency, often in conjunction with dismissing the concept entirely.
A computer running a Bitcoin client that verifies the integrity of the blockchain and new transactions, as well as passes on new transactions and blocks to its peers. By default, your Bitcoin node will connect to 8 other nodes, and you can configure it to allow for more incoming connections. Because the network does not depend on any particularly nodes, in particular, it becomes very difficult for any party to hinder peers from communicating with each other.
The nonce is part of the block header. The miner freely chooses the nonce, with the goal of finding a block that hashes to a value with a number of leading zeroes. How many zeroes depends on the difficulty target.
A Bitcoin notary service proves the existence of a piece of data (such as a document or picture) before a certain time. By including a block hash in the data, it is possible to prove the existence of said data after a certain time, giving a relatively narrow (~10min) time interval in which it was created. However, this does not prove the authenticity of that document or image—only its existence.
A one-way ATM is a machine where people can buy Bitcoin with cash or, less commonly, a card. Unlike a two-way ATM, it cannot dispense cash.
The Operation Codes define the Bitcoin scripting language. There are almost 200 OP Codes, although many are disabled due to not having a particular use, or they pose unnecessary risks.
When two blocks are found at the same time, only one of them can be valid. The invalid one will be orphaned, as successive blocks are not built upon it. In rare cases, the chain can temporarily fork, for example, due to a bug or malice. In this case, there will be two permanent chains or an orphaned chain.
P2Pool was a decentralized mining pool in which miners are paid proportionally to their work, lowering the barrier to entry to become a miner over solo mining by distributing the luck of finding a block over a large number of users and guaranteeing a stable flow of income
Pay to Script Hash. Instead of sending a Bitcoin to a public key, it can also be sent to a script. To redeem this coin, the owner must reveal the script, and the script needs to execute successfully. With this technique, it is possible to create smart contracts in Bitcoin. P2SH addresses start with the number 3, as opposed to 1 for P2PKH addresses.
Pay to Pubkey Hash is the long-established standard of Bitcoin transactions, where a payment is made to the hash of a public key. A valid ECDSA signature is needed to spend the funds, unlike with P2SH, which allows for more complex smart contracts. P2pKH addresses typically start with 1.
“Bitcoin: A Peer-to-Peer Electronic Cash System” is the title of the Bitcoin Whitepaper. Peer-to-peer means that there is no centralized architecture and that anybody can join the network and talk directly to other participants. Other popular P2P systems include BitTorrent and I2P.
On May 22, 2010, developer Laszlo Hanyecz bought two pizzas for a total sum of 10,000 BTC. This was the first known transaction in which Bitcoin was used to buy a physical good. Satoshi’s favorite pizza seems to be Pineapple and Ham, as revealed in a comment, although many hope he was only joking.
Point of sale
The device or counter where something is sold. In the context of Bitcoin, this is usually a plugin, a web app, an app on a phone, or an integration to a traditional PoS device. Not to be confused with proof of stake.
A mining pool allows small miners to collaborate and find the solution to a valid block together. Solutions are ‘pooled’ and everyone is paid out proportionally to the winnings of the pool, although the exact enumeration varies.
See: Proof of work
Pay Per Share, a common method for mining pools to determine how much each miner gets paid. PPS means the miner gets paid a fixed sum per hash regardless of whether the pool finds a block or not. If the pool gets lucky it will keep the profits, but it might also get unlucky and go bankrupt.
A Bitcoin private key is a random number of 256 bits in length. From the private key, the public key is derived using the ECDSA algorithm. This public key is then hashed twice using SHA-256, encoded with base58, and prefixed with 1 to derive its address. Other address formats such as bech32 and P2SH also have private and public keys, but the addresses are encoded differently.
Proof of burn
Proof of stake
Bitcoin’s proof of work is known to be intentionally highly energy intensive. In the alternative proof of stake model miners produce valid block by voting with the coins they own on the valid chain. The idea of PoS pre-dates Bitcoin’s proof of work, but never found broad application among cryptocurrencies.
Proof of work
Also dubbed Nakamoto Consensus, PoW is Bitcoin’s consensus algorithm. Miners destroy electricity by hashing the block header with varying nonces until they find a valid block according to the difficulty target. The more electricity somebody destroys, the more likely they are to find a new block, which rewards them for their efforts with newly minted Bitcoin, called the coinbase transaction.
The Bitcoin protocol is the set of rules that govern what makes a valid transaction block, as well as how nodes communicate with each other. Some parts of the protocol are easy to change, while others require consensus from the entire network, making changes unlikely without forking the chain. The Bitcoin protocol does not have formally written specifications other than its code.
Replace By Fee. This standard allows somebody to increase their transaction fee and replace their transaction in the mempool. This allows people to set a lower transaction fee for low-priority transactions and increase it later if the fee level remains high, or if the transaction becomes high-priority.
In honor of its creator, Satoshi Nakamoto, the smallest unit of a Bitcoin is called a Satoshi. A Satoshi is 1/100 million or 10^-8 Bitcoin. Through second layers like the Lightning Network, such units can become further divisible into milli-satoshis, or 10^-11 Bitcoin.
The creator, or creators, of Bitcoin used the pseudonym Satoshi Nakamoto to publish the Bitcoin Whitepaper and communicate with collaborators. Satoshi was last heard from in December 2010.
Schnorr signatures are a proposed new scheme to sign transactions. Compared to ECDSA signatures, Schnorr signatures allow multiple signatures to be aggregatedinto one, improving privacy and making multisig as well as smart contracts easier and cheaper.
The Bitcoin scripting language Script allows the creation of complex rules for the redemption of an input, such as multisignature and smart contracts. It is also possible to send Bitcoin to a script hash instead of a public key. For security reasons, however, the number of OP Codes are limited, there are no loops and the language is not Turing complete.
Networks that use Bitcoin’s blockchain only to anchor crucial information or smart contracts. Such networks are important for scaling Bitcoin to billions of users. Examples include notary services and the Lightning Network.
Instead of backing up each private key in a Bitcoin wallet, a seed phrase (or mnemonic phrase) can be used to generate infinite random addresses. Only the phrase is needed to back them up, and this action only has to be performed once.
A new transaction type that fixes the malleability problem of legacy Bitcoin transactions. Was implemented as a softfork, but in combination with the lack of Block Size increase became a controversial issue that contributed to Bitcoin cash fork.
A cryptographic signature allows the owner of a private key to prove they are in possession of that key without revealing it. In Bitcoin, it is used primarily to prove ownership over your coins.
Signet is a centrally managed variation of testnet. It can be used to test whether novel transaction types or modified blocks are accepted by the network, without risking a loss of funds. You can join the signets of others or run your own. While signet is very new, it is expected to gain popularity over testnet because of more stable times in between new blocks.
Between 2011 and 2013 the Silk Road was a popular darknet marketplace to trade drugs and contraband. It arguably helped Bitcoin reach popularity and demonstrated the utility and resilience of the network. Many of the circumstances around the Silk Road’s creation and ultimate takedown by authorities are still not known. For his alleged involvement in the Silk Road marketplace, Ross Ulbricht currently serves a life sentence for narcotics trafficking and money laundering.
Simnet is a locally run simulation of the Bitcoin network, similar to signet and testnet. Unlike other simulations, it can be easily created spontaneously, sped up and used to simulate the network in fast forward, rather than real time.
A smart contract is technically neither smart nor a contract. It is a computer program executed by a distributed system, such as the Bitcoin network. Its rules are transparent and it cannot be cheated. As such, it is considered incorruptible.
A softfork is a rule change that tightens the rules of the network. All blocks created under this new ruleset are accepted by nodes following the old ruleset, but not necessarily all blocks created under the old ruleset would remain valid. Unlike a hardfork, a softfork does not lead to a permanent fork if more than 50% of the hash power enforces it.
Solo mining means an entity is not part of a pool but instead attempts to mine full blocks itself. Due to Bitcoin’s enormous hash power and the luck involved in finding valid blocks, solo mining is increasingly difficult and rare.
The network can be spammed by creating a large number of transactions to yourself and filling up block. This raises fees and makes Bitcoin generally more expensive to use while decreasing its capacity. The Block Size limit exists to reduce the cost such an attack has on nodes, and to guarantee that even during such an attack the network stays functional. However, as miners earn transaction fees, it might be relatively cheap for them to carry out such an attack.
Every transaction has at least one input and one output. If an output is also the input to another transaction it is considered spent. To calculate your Bitcoin balance, sum up the value of the unspent outputs to which you have the private key.
Simplified Payment Verification. In the Bitcoin Whitepaper, Satoshi discusses the possibility of SPV. It would allow nodes to alert each other about invalid blocks, without the need to verify the full block. SPV has not been successfully implemented yet and might be impossible, as a negative (that the block is not valid) cannot be proven. Not to be confused with SPV wallets.
Some wallet advertise themselves as SPV Wallets. They do not validate the full Bitcoin blockchain, but instead rely on nodes to calculate the balance. Take caution, as such nodes could theoretically lie about the balance and validity of transactions to the SPV wallet, hence their reduced security characteristics.
Stealth payments allow two parties to make payments to each other without directly sending each other a Bitcoin address, which could be intercepted. Instead, they negotiate a key.
A token is an object that represents a right. Under this definition, Bitcoin can be considered a token (the right to transact on the Bitcoin blockchain). More commonly, tokens are meant to represent deeds, contracts, or physical objects. See also: a href=”#colored-coins”>Colored Coins.
Transactions per second. See also: Capacity.
A Bitcoin transaction is a signed message. It references the input transaction and contains at least one output. They are created by a wallet and then passed onto the nodes, who keep them in their mempool. As soon as a miner has included your transaction into a block, it is considered confirmed.
Every transaction has an identifier. While legacy transactions allow for a bug that makes this ID malleable, SegWit transactions have a deterministic transaction ID. This allows for second layer networks like the Lightning Network.
In popular usage, a computer is Turing complete if it can simulate another computer. Named after Alan Turing, this generally means the machine can calculate any arbitrary computable function. Bitcoin is not Turing complete, as its scripting language has limited functionality. This limitation is a conscious decision, as securing a machine with limited functionality is a far more manageable task.
As opposed to a One-way ATM, a Two-way can dispense cash in exchange for Bitcoin.
See: Transaction ID
See: Spent output
A Bitcoin address that appears to spell out a word or only consists of certain characters. It is made by quickly creating private keys, deriving the address from them and checking them against the desired outcome. Depending on how long the vanity address is supposed to be, this might take a very long time or be entirely infeasible.
Measurement similar to weight. One Vbyte is 4 weight units.
Software, hardware, or paper that holds your Bitcoin. It either contains the private key directly, or a seed to derive multiple private keys. A watch-only wallet only contains public keys but can be used to create unsigned transactions or check balances.
For SegWit transactions, it is less meaningful to calculate their size, as they are split between the transaction and the signature. A weight unit represents 1/4,000,000 the maximum size of a block. An alternative form is vbytes.
Somebody trading with a large amount of Bitcoin. See also: Bearwhale.
The eight-page document released by Satoshi Nakamoto on October 31, 2008, that outlines the core functionality of Bitcoin.
An alternative ticker for Bitcoin to the more commonly used BTC. It is meant to comply with ISO 4217, which regulates that non-governmental currencies have to start with an X.
A type of cryptographic scheme that proves the solution to a puzzle without revealing information about that puzzle. Zero-knowledge proofs can come in many forms, for example, to prove that the sum of inputs and outputs is equal to each other without revealing the sum.