To keep track of the existence and current state of every Bitcoin in the system, the Bitcoin protocol uses an Unspent Transaction Output system. These are referred to as UTXOs.
All Bitcoin transfers involve the consumption of one or more UTXOs and the creation of one or more new UTXOs. The Coinbase transaction, which is only permitted to be the first transaction in a block and can only create UTXOs that total block reward + block fees or less, is the only exception to this rule.
It is impossible to create a bitcoin transaction that spends inexistent bitcoin because of the fundamental structure of a transaction. The moment the transaction is created, it is deemed invalid because the UTXOs being consumed do not exist.
Even though this is not possible, the reasons why it is not possible may not be immediately apparent to those who are not familiar with the specifics of how Bitcoin functions. For this reason, many people, especially those who are new to the space, look for such things as a way to quickly obtain Bitcoin for free or at a low cost. As a result, a number of scammer organizations release videos featuring altered block explorers and wallets that appear to let them start fictitious transactions.
These organizations then offer to let you download the software for free or just give you access to it for a small fee. However, most of these programs are trojan horses that contain code to steal your system’s Bitcoin wallets or give scammers ongoing remote access to your computer.
Regarding each question specifically:
Why can’t I just invent some bitcoins?
It is impossible to introduce new Bitcoin into the system undetected because every bitcoin in the system is either the outcome of a coinbase transaction or the outputs of a transaction that moved previously extant bitcoin. Any UTXO must always be connected to one or more coinbase outputs at any given time.
What prevents fraudulent transactions from being transmitted over the network?
Before accepting transactions into their mempool or rebroadcasting them further, all well-behaved nodes on the network validate them. Part of this validation includes comparing all utxos in the transaction to the node’s own list of valid utxos. The transaction is deemed invalid and dropped if it claims to spend a UTXO that doesn’t exist in the node’s list.
Why is it that only the owner can use their money?
Standard Bitcoin addresses rely on a single private key (single key addresses) or multiple private keys (multisig addresses). The locking script of the address contains an encoding of the public keys corresponding to these private keys (also known as the scriptPubKey). The signature on that input is compared to the embedded public key during these scripts’ evaluation (s). The transaction is deemed invalid if the signatures do not match.
It should be noted that it is possible to create outputs without a “owner” because not all locking scripts in the Bitcoin script must perform a key check, and it is possible to create a custom script that doesn’t require signatures to spend. However, no consumer wallet operates in this manner, and nearly every address a typical user will come across is protected by one or more private keys.
Why is it impossible for a third party to change who receives a transaction?
SIGHASH ALL is the signature flag used to sign common transactions. Consequently, all inputs and outputs are signed by the signature of any one input (in effect, signing all material aspects of the transaction). The signature is no longer valid if any input or output is changed, deleted, or otherwise altered because the data it signs has changed.
Other signature flags may be used to assemble a transaction.
But once more, only SIGHASH ALL is used by consumer wallets.
What stops a miner from stealing your transaction’s funds when they are creating a block?
A miner is also unable to change the results of your transactions because SIGHASH ALL signed each transaction, which is similar to the previous point. A miner may very well steal the money if a transaction is purposefully signed with SIGHASH NONE. This does not, however, because no sensible wallets perform such a signature.
