Part 10 · Advanced & Rare Concepts
Everything before this part teaches how Bitcoin works. This part teaches the things that bite you in production — the subtle mechanics, the famous bugs, the attacks that actually happened, and the cryptographic frontier. These are the topics that separate “I read the whitepaper” from “I’ve shipped against the protocol.”
Why most engineers get these wrong
Section titled “Why most engineers get these wrong”The common failure mode is reasoning about Bitcoin as if it were a database with an API. It isn’t. It’s an adversarial, eventually-consistent system where:
- a transaction you “sent” may never confirm, may confirm with a different ID than you signed, or may be replaced by a conflicting one;
- “the balance” is a derived view over a set that lives in RAM, not a stored number;
- a payment that looks final to your eyes is only probabilistically final;
- everything you broadcast is public forever and links to everything else you’ve ever touched.
Each page below takes one of these realities and follows it all the way down — with concrete scenarios where it has cost people real money.
The reading track
Section titled “The reading track”Transaction mechanics — what really happens after you sign
Section titled “Transaction mechanics — what really happens after you sign”- Transaction malleability — why the ID of a transaction could change after you signed it, the Mt. Gox excuse, and why this single quirk blocked Lightning for years until SegWit fixed it.
- RBF, CPFP & the zero-confirmation myth — how to un-stick a transaction, and why accepting unconfirmed payments is a loaded gun.
- SIGHASH flags & the SIGHASH_SINGLE bug — what a signature actually commits to, and how the answer enables crowdfunding, atomic swaps, and one of Bitcoin’s scariest footguns.
- Timelocks → HTLCs —
nLockTime,nSequence,CLTV,CSV, and how four obscure fields make Lightning and cross-chain swaps possible.
State & scaling — the part nobody shows you
Section titled “State & scaling — the part nobody shows you”- The UTXO set vs the chain — the distinction that explains pruning, dust, dust attacks, and why “blockchain size” is the wrong thing to worry about.
Privacy — pseudonymous is not anonymous
Section titled “Privacy — pseudonymous is not anonymous”- Privacy & deanonymization — the heuristics chain analysts use to unmask you, and the defenses (CoinJoin, PayJoin) that fight back.
Attacks & famous incidents — the war stories
Section titled “Attacks & famous incidents — the war stories”- Famous incidents & attacks — the day Bitcoin minted 184 billion coins, selfish mining, the Finney/race/51% family, and transaction pinning.
The scripting frontier — where Bitcoin is going
Section titled “The scripting frontier — where Bitcoin is going”- Taproot, Schnorr & MuSig2 — key aggregation, MAST, and why a 12-of-15 multisig can look exactly like a single payment on-chain.
- Soft forks & the “anyone-can-spend” trick — the beautiful hack that let Bitcoin upgrade itself without splitting, plus OP_RETURN and inscriptions.
Keep the thread
Section titled “Keep the thread”The same question from page one still applies, and it’s sharper here: how does this mechanism help untrusting strangers agree on one ledger — and how could an adversary abuse it? Every advanced topic below is best understood as one side of that arms race.