Transactions are approved in units called "blocks."
The bitcoin protocol validates or "confirms" transactions in chunks called "blocks." It specifies that blocks can be no bigger than 1 megabyte, which means the number of transactions each block can contain is "capped." Not only that, but blocks can only be created once every ten minutes (on average).
Going back to the concrete example from earlier, it's like bitcoin elects someone in the town to be a transaction validator every ten minutes, and forces the validator to approve no more than 1MB of transactions. Of course, this limits the number of transactions per second that can run on the system, so in order to figure out which transactions make it into every block, bitcoin also allows transactions to have a variable fee attached.
If there are too many transactions to fit in a particular block for a given ten-minute interval, the validator will generally just choose the ones with the highest fees to include in the block, since the validator gets to keep the fees. You might be wondering: Why does bitcoin intentionally limit the number of transactions per second its system can sustain? The main reason is scalability and, indirectly, security.
Remember in the concrete example from before that everyone has to keep a notebook with everyone's balance in it — but in bitcoin everyone has to keep a copy not only of everyone's balance, but also every transaction that has ever been executed on the system. This sounds wasteful, and it is, but it's the only way to make sure that the system is robust to various kinds of attacks.
For example, if everyone only kept balance information but didn't keep the transactions that lead to the balances, new people joining the network that were trying to bootstrap their balance notebooks wouldn't be able verify that the data they got was legit. A concrete example helps here:
- Suppose Warren Buffett joins the town and needs to bootstrap his notebook.
- He asks Bernie Madoff, who's already in the town, for his balance data so he can copy it into his notebook.
- Crooked Bernie tweaks his notebook before giving it to Buffett, giving himself a much higher balance.
- Without the previous transactions, Buffett has no way to validate which balances in his notebook are legit and which aren't. Even if he asks someone else for their balance data to compare, he'd have no idea who's lying.
- Instead, in bitcoin, the protocol requires Madoff to give Buffett not only the full balance data, but also the full transaction list, with signatures from all the previous validators.
- Bitcoin uses public/private key cryptography to sign transactions, so when we say that previous transactions were "signed" by the validators, it's not like a normal signature — it's a signature that could only have been produced by the validator himself. So it can't be forged.
- Under the added constraints of storing a full list of signed transactions in everyone's notebook, and forcing new people who join the network to download/check this list when they join, there's no way for people like crooked Bernie to trick new people.
So, why does the bitcoin protocol limit the block size to 1MB and the "block time" to 10 minutes?
The reason is because if it didn't, there would be too many transactions for everyone to store. Because everyone has to store a full copy of all transactions that have ever occurred, the more transactions per second you allow the fewer people you'll have who will be willing to join your network. Sure, you could designate people to store all the transactions, and just always go to them whenever you want to send/receive money, but then you just end up with the modern banking system, which as we saw earlier isn't very robust to attacks. In other words, there is a single point of failure where if these designated people get compromised, and the entire system breaks down.
Thus, there's this fundamental trade-off between transactions-per-second (TPS) and the number of so-called "full nodes," computers that store all the transactions, you have running on your network. As a result, this trade-off between TPS and decentralization has actually resulted in a heated debate, known as the block size limit controversy, where some people want to increase the TPS in favor of slightly more centralization, and some people don't.