Bitcoin's privacy model

  • Money: authenticity, integrity, and double spending
  • Preventing double-spending on Bitcoin
  • The confidentiality model: banking system vs. Bitcoin

Money: authenticity, integrity, and double spending

One of the functions of money is to solve the problem of the double coincidence of needs. In a system based on bartering, the completion of an exchange requires not only finding an individual who is willing to give away a good corresponding to my need, but also providing them with a good of equivalent value that satisfies their own need. Striking this balance is a complex matter.
That's why we use money to move value in both space and time.
For coinage to solve this problem, it is essential that the party providing a good or service is convinced of its ability to spend that sum at a later date. Thus, any rational individual wishing to accept a coin, whether digital or physical, will ensure that it meets two fundamental criteria:
  • The UTXO must have integrity and authenticity,
  • and it must not be double-spent.
With physical currency, the first characteristic is the hardest to establish. At different periods in history, the integrity of metal coins has often been affected by practices such as trimming or piercing. In ancient Rome, for example, it was common practice for citizens to scrape the edges of gold coins to collect a small amount of precious metal, while keeping the coins for future transactions. The intrinsic value of the coin was thus reduced, but its face value remained the same. This is one of the reasons why the edge of the coin was later fluted.
Authenticity is also a difficult characteristic to verify on a physical monetary medium. Today's techniques for combating counterfeit currency are increasingly complex, forcing retailers to invest in costly verification systems.
On the other hand, double-spending is not a problem for physical currencies, because of their nature. If I give you a €10 bill, it irrevocably leaves my possession and enters yours, which naturally rules out any possibility of multiple spending of the monetary units it embodies. In short, I won't be able to spend this €10 bill again.
For digital currency, the difficulty is different. Ensuring the authenticity and integrity of a coin is often a simpler process. As we saw in the previous section, Bitcoin's UTXO model enables tracing a coin back to its origin, thereby verifying that it was indeed created by a miner in compliance with consensus rules.
On the other hand, ensuring that there is no double-spending is more complex, since all digital goods are, in essence, information. Unlike physical goods, information is not divided up when it is exchanged, but spreads by multiplying. For example, if I send you a document by e-mail, it will be duplicated. You can't be sure that I've deleted the original document.

Preventing double-spending on Bitcoin

The only way to avoid this duplication of a digital asset is to be aware of all exchanges on the system. In this way, we can determine who owns what and update each person's holdings accordingly based on the transactions carried out. This is what happens, for example, with scriptural money in the banking system. When you pay €10 to a merchant by credit card, the bank records the exchange and updates the account book.
On Bitcoin, double-spending is prevented in the same way. We seek to confirm the absence of a transaction that has already spent the coins in question. If the coins have never been used, then we can be sure that no double-spending will occur. This principle was described by Satoshi Nakamoto in the White Paper with the famous phrase:
"The only way to confirm the absence of a transaction is to be aware of all transactions."
But unlike the banking model, we don't want to have to trust a central entity with Bitcoin. Therefore, all users must be able to confirm the absence of double-spending without relying on a third party. So everyone needs to be aware of all Bitcoin transactions. This is why Bitcoin transactions are publicly broadcast on all network nodes and recorded in clear text on the blockchain.
It is precisely this public propagation of information that complicates the protection of privacy in Bitcoin. In the traditional banking system, in theory, only the financial institution is aware of the transactions carried out. With Bitcoin, on the other hand, all users are informed of all transactions via their respective nodes.
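The check described above, as an added example that is not part of the original course: a toy node tracks unspent outputs and rejects any transaction whose input was already consumed, and a second node that never saw the first spend accepts the double spend. The names `Tx`, `Node`, `replay` and the transaction ids are constructed for illustration; signatures, amounts, blocks and coin-creation rules are left out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple    # outpoints being spent, each a (txid, output_index) pair
    n_outputs: int   # number of new outputs (coins) this transaction creates


class Node:
    """Keeps the set of unspent outputs derived from every transaction seen."""

    def __init__(self):
        self.utxos = set()

    def accept(self, tx):
        # The same coin listed twice inside one transaction is also a double spend.
        if len(set(tx.inputs)) != len(tx.inputs):
            return False
        # A coin is spendable only if it exists and no earlier transaction
        # known to this node has already consumed it.
        if any(outpoint not in self.utxos for outpoint in tx.inputs):
            return False
        self.utxos.difference_update(tx.inputs)
        self.utxos.update((tx.txid, i) for i in range(tx.n_outputs))
        return True


def replay(history):
    """Feed a list of transactions to a fresh node; return each verdict."""
    node = Node()
    return [node.accept(tx) for tx in history]


# Constructed sample data: one coin creation, then two spends of the same coin.
COINBASE = Tx("cb0", (), 1)                 # creates output ("cb0", 0)
PAY_BAKER = Tx("tx1", (("cb0", 0),), 1)     # first spend of that output
PAY_AGAIN = Tx("tx2", (("cb0", 0),), 1)     # second spend of the same output

if __name__ == "__main__":
    # Full view of the history: the second spend is rejected.
    print(replay([COINBASE, PAY_BAKER, PAY_AGAIN]))   # [True, True, False]
    # A view missing PAY_BAKER cannot see the earlier spend and accepts it.
    print(replay([COINBASE, PAY_AGAIN]))              # [True, True]
```

The second run is the reason every node needs the complete transaction history: the absence of an earlier spend can only be confirmed by a node that has seen everything.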

The confidentiality model: banking system vs. Bitcoin

In the traditional system, your bank account is linked to your identity. The banker is able to know which bank account belongs to which customer, and which transactions are associated with it. However, this flow of information is cut off between the bank and the public domain. In other words, it is impossible to know the balance and transactions of a bank account belonging to another individual. Only the bank has access to this information.
For example, your banker knows that you buy your baguette every morning from the local baker, but your neighbor is unaware of this transaction. In this way, the flow of information is accessible to the parties concerned, notably the bank, but remains inaccessible to outsiders.
Due to the constraints on public propagation of transactions that we saw in the previous section, Bitcoin's confidentiality model cannot follow the banking system's model. In Bitcoin's case, since the flow of information cannot be broken between transactions and the public domain, the privacy model relies on the separation between the user's identity and the transactions themselves.
For example, if you buy bread from the baker and pay in BTC, your neighbor, who has their own full node, can see your transaction go through, just as they can see all the other transactions in the system. However, if confidentiality principles are respected, they should not be able to link this specific transaction to your identity.
But since Bitcoin transactions are made public, it is still possible to establish links between them to deduce information about the parties involved. This activity even constitutes a specialty in its own right, known as "blockchain analysis". In the next part of the course, I invite you to explore the fundamentals of blockchain analysis, so that you can understand how your bitcoins are traced and better defend yourself against it.
Quiz
What is the most difficult characteristic to achieve with a digital currency like Bitcoin?