If you are new to the world of Bitcoin and blockchains, you will hear the term Proof of Work (PoW) again and again in connection with Bitcoin. This article is about the consensus mechanism Proof of Work.
History and basic principle of Proof of Work
The Proof of Work (PoW) concept was developed in 1997 by the cryptographer Adam Back. The Briton was looking for a solution to stop spam e-mails. To achieve this, he used the most important feature of cryptographic hash functions, the one-way principle. The one-way principle means simply that the input cannot be calculated back from the result of the function. To illustrate, we make up a hash function that multiplies the checksum (digit sum) of the input by the product of its digits and then takes the checksum of the result, which leaves a two-digit output.
Example: Input = 78145 -> (7 + 8 + 1 + 4 + 5) * 7 * 8 * 1 * 4 * 5 = 28000, and the checksum of that is the Output = 10
We can see that the input can no longer be calculated from the output. If we want to find out the input, we have to guess and try all the possibilities until the hash function spits out the 10. It may, of course, happen, especially if the information content of the input is greater than that of the output, that you arrive at 10 through another input. In our case, for example, this is true of all numbers that are permutations of the digits (7,8,1,4,5), such as the number 54187.
These false hits are called collisions, and it is up to the architects of a hash function to minimize them. To uphold the one-way principle, the hash function has to generate a completely different output even for a minimal change of the input. This prevents anyone from approximating the input algorithmically. Our hash function is for demonstration purposes only. Proper, efficient hash functions are much more complex.
Back to Hashcash. Adam Back’s idea was that the e-mail, including its headers, is hashed and the output attached. The hash has to follow certain rules: it may only lie in a certain range, in our example, say, between 5 and 15. As a consequence, the sender must guess inputs until the condition is met. For this, he uses a field in the header that he can vary at will. The recipient also hashes the e-mail and checks whether the output matches the attached hash. If it does not, the e-mail is identified as spam; otherwise, it is verified.
Normally an e-mail costs nothing, which has brought us the well-known spamming. This technique makes sending bulk mail significantly more difficult. Each e-mail has at least a different recipient, and this results in a completely different hash. The spammer has to guess the hash anew for each e-mail, which costs effort and money. So the whole thing quickly becomes unprofitable, and the content of the e-mails must be well considered.
We have learned that proof of work is a technique for providing digital proof that work was done. Anyone who wants to generate a specific hash must compute it, at more or less cost, by trial and error. The difficulty can be increased by limiting the possible outputs. In our example, we limit all valid outputs to between 9 and 10. So I have 8 options fewer than if I define a valid output as between 5 and 15. This means that there are also fewer possible inputs that lead to the desired output, and consequently these randomly distributed values have to be searched for longer.
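The sender and recipient roles described above, as an added example that is not part of the original article. It assumes SHA-256 as the hash function, a made-up header field named X-Pow-Counter as the field the sender varies, and a valid range expressed as "the hash, read as a number, is below a target"; the addresses are placeholders.

```python
import hashlib

def digest_value(message: str) -> int:
    """SHA-256 of the message, read as a 256-bit integer."""
    return int.from_bytes(hashlib.sha256(message.encode()).digest(), "big")

def mint(headers: str, body: str, bits: int):
    """Sender: vary one header field until the hash lands in the valid range.

    Returns the stamped message and the number of hashes that were tried.
    """
    target = 1 << (256 - bits)              # valid outputs are 0 .. target-1
    counter = 0
    while True:
        # X-Pow-Counter is a hypothetical header name chosen for this example.
        stamped = f"{headers}\nX-Pow-Counter: {counter}\n\n{body}"
        if digest_value(stamped) < target:
            return stamped, counter + 1
        counter += 1

def verify(stamped: str, recipient: str, bits: int) -> bool:
    """Recipient: a single hash, plus a check that the stamp is for this address."""
    header_lines = stamped.split("\n\n", 1)[0].split("\n")
    in_range = digest_value(stamped) < (1 << (256 - bits))
    return in_range and f"To: {recipient}" in header_lines

if __name__ == "__main__":
    # Constructed sample message.
    headers = "From: sender@example.org\nTo: alice@example.org\nSubject: hello"
    for bits in (8, 12, 16):                # each extra bit halves the valid range
        stamped, tries = mint(headers, "Lunch on Friday?", bits)
        ok = verify(stamped, "alice@example.org", bits)
        print(f"{bits:2d} bits: {tries:6d} hashes tried, accepted={ok}")
    # The same stamp presented for a different recipient is not accepted.
    print("accepted for bob:", verify(stamped, "bob@example.org", 16))
```

The sender needs on the order of 2^bits hashes per message, while the recipient always needs exactly one.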
Proof of Work as a consensus mechanism
In traditional book-money transfer, there is one central institution, the bank, which records, clears and authenticates transactions. The trading parties trust this instance and may hold it accountable.
In a decentralized approach, the whole network must agree on which transaction history is the valid one. Although the transaction, that is, the information that I send x units to address y, cannot be forged per se if you do not have the corresponding private key, how can I ensure that a transaction is recognized by the network? All consensus mechanisms basically assume that the majority in the network is honest, otherwise, the whole system makes no sense.
To prove this majority, there are two basic approaches: the trusted and the non-trusted solution. In the trusted case, every node in the network is known. The information is confirmed by a signature of the known network nodes. In the non-trusted case, each node is anonymous and can join or leave the network at any time. Most cryptocurrencies use non-trusted or hybrid approaches.
Proof of work
In the Proof of Work consensus, the hash procedure is used to prove the necessary majority. So security is based on the assumption that most of the hash power in the network comes from honest network nodes. The hash power indicates how many hashes per second can be tried. Since the network nodes providing the hash power are rewarded for valid hashes they find, they are also called miners (by analogy with gold miners). The whole thing goes like this. The transactions, i.e. signed information packages stating who sends how much to whom, plus an arbitrary transaction fee for the miner, are broadcast to the network by the senders.
The miners pick up the transactions, check the consistency of the data (is the signature valid? does the sender have the credit? …) and put them in a block. The block has a size limit; in Bitcoin it may not be larger than 1 megabyte. It is important that this block contains the hash of the previous one so that the blocks form a logical chain. Now the miner begins to hash the entire block until a hash that is valid for the network has been found. He has a number field (called the nonce), which he can change constantly. If he has tried all numbers and has not yet found a valid hash, he rearranges the transactions or mixes them with others that are not yet contained in any block.
If he has found a valid hash, he sends the block to all network nodes. These check the hash and all data for consistency. If everything is correct, the block is accepted and inserted into the database. If 2 valid blocks with different block hashes arrive at a node almost simultaneously, it first saves both. As further blocks arrive, it checks which of the two they build on, until a clearly longer branch has formed. The shorter branch dies.
The protocol defines the rules, or acceptance criteria, that the nodes apply to each block. For Bitcoin, the most important acceptance criteria are:
- The block hash must be within the range specified by the network. This range is adjusted every 2016 blocks. The goal is to choose this so-called difficulty so that the average time to produce a block is 10 minutes. Therefore, if after 2016 blocks more time has passed than ideal, the range of possible hashes is increased so that a valid one can be found faster, and vice versa. This means that time is given to synchronize the entire network. The difficulty is deterministic and can be recalculated and checked on the blockchain.
- All transactions in the block must be valid.
- Timestamps must not be more than 2 hours in the future.
- The reward for the miners must comply with the specifications. Since the first block, it has been halved every 210000 blocks. It started at 50 bitcoins / block (currently 12.5 BTC / block). This is how the actual bitcoins are created.
- The longest blockchain, that is, the one with the most computing power behind it, is the valid one.
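The numeric rules from this list written as checks, as an added example that is not Bitcoin's own code. The Block class and its field names are hypothetical simplifications, amounts are counted in the smallest unit (100,000,000 per bitcoin), and the factor-4 limit on a single difficulty adjustment is Bitcoin's rule but is not mentioned in the article; transaction validation and the longest-chain rule are left out.

```python
from __future__ import annotations
from dataclasses import dataclass

RETARGET_INTERVAL = 2016          # blocks between difficulty adjustments
TARGET_SPACING = 10 * 60          # desired seconds per block
HALVING_INTERVAL = 210_000        # blocks between reward halvings
MAX_FUTURE_DRIFT = 2 * 60 * 60    # timestamps at most 2 hours ahead
COIN = 100_000_000                # smallest units per bitcoin

def next_target(old_target: int, actual_seconds: int) -> int:
    """New upper bound for valid hashes after 2016 blocks took `actual_seconds`."""
    expected = RETARGET_INTERVAL * TARGET_SPACING
    # Bitcoin caps a single adjustment at a factor of 4 (not stated in the article).
    actual = max(expected // 4, min(actual_seconds, expected * 4))
    return old_target * actual // expected   # slow blocks: wider range, fast: narrower

def block_reward(height: int) -> int:
    """Newly created coins per block: 50 BTC, halved every 210000 blocks."""
    return (50 * COIN) >> (height // HALVING_INTERVAL)

@dataclass
class Block:                      # simplified, hypothetical block summary
    height: int
    hash_value: int               # block hash read as an integer
    timestamp: int                # seconds since the epoch
    miner_payout: int             # what the miner credits to itself
    fees: int                     # fees of the included transactions

def reject_reason(block: Block, target: int, now: int) -> str | None:
    """Return why a node would reject the block, or None if these checks pass."""
    if block.hash_value >= target:
        return "hash outside the range set by the network"
    if block.timestamp > now + MAX_FUTURE_DRIFT:
        return "timestamp more than 2 hours in the future"
    if block.miner_payout > block_reward(block.height) + block.fees:
        return "miner payout exceeds reward plus fees"
    return None

if __name__ == "__main__":
    two_weeks = RETARGET_INTERVAL * TARGET_SPACING
    print(next_target(1000, two_weeks * 2))     # 2000: blocks were slow, range doubles
    print(block_reward(420_000) / COIN)         # 12.5
```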
As we already know, you cannot fake a transaction, but you can theoretically prevent a transaction from being written to the blockchain or undo an earlier transaction. All blocks are interlocked, with each block containing the block hash of the previous block. If an attacker wants to manipulate a block, he has to change the entire branch that has grown on that block and thus muster the total computing power that has already been put into this branch. He succeeds in this if he is in possession of at least 51% of the total hash power of the network for a sufficient amount of time. He then continues on his version of the chain with fake timestamps.
By consensus, that is, by agreeing on the chain with the most computational power behind it, all nodes will accept it. As a result, a transaction becomes more secure the more blocks follow the block containing it. 51% attacks are extremely costly and only make sense if you want to destroy the network. If you want to gain a financial advantage by reversing your own transactions and generating duplicate spending, you will face a massive price crash and you will end up losing. Such actions would be noticed on the blockchain and the resulting panic would plunge the markets into chaos.
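Why more following blocks make a transaction safer, as an added example that is not part of the original article: altering one block forces new proof of work for that block and every block built on it. The block layout (a JSON-serialized dict), SHA-256 and the tiny 12-bit difficulty are assumptions made so the example runs quickly; they are not Bitcoin's actual format.

```python
from __future__ import annotations
import hashlib
import json

BITS = 12                          # constructed, tiny difficulty so the demo runs quickly
TARGET = 1 << (256 - BITS)
GENESIS_PREV = "00" * 32           # placeholder "previous hash" for the first block

def block_hash(block: dict) -> str:
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def mine(prev_hash: str, txs: list[str]) -> dict:
    """Change the nonce until the hash of the whole block is below TARGET."""
    block = {"prev": prev_hash, "txs": txs, "nonce": 0}
    while int(block_hash(block), 16) >= TARGET:
        block["nonce"] += 1
    return block

def build_chain(tx_batches: list[list[str]]) -> list[dict]:
    chain, prev = [], GENESIS_PREV
    for txs in tx_batches:
        chain.append(mine(prev, txs))
        prev = block_hash(chain[-1])
    return chain

def first_invalid(chain: list[dict]) -> int | None:
    """Index of the first block a node would reject, or None if all blocks pass."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["prev"] != prev or int(block_hash(block), 16) >= TARGET:
            return i
        prev = block_hash(block)
    return None

def blocks_to_redo(chain: list[dict], index: int, new_txs: list[str]) -> int:
    """Replace the transactions of block `index`; count blocks needing new proof of work."""
    forged = list(chain)
    forged[index] = mine(forged[index]["prev"], new_txs)   # new work for the altered block
    redone = 1
    while (bad := first_invalid(forged)) is not None:      # successor points at the old hash
        forged[bad] = mine(block_hash(forged[bad - 1]), forged[bad]["txs"])
        redone += 1
    return redone

if __name__ == "__main__":
    chain = build_chain([[f"tx-{i}a", f"tx-{i}b"] for i in range(5)])   # constructed data
    print(first_invalid(chain))                     # None
    print(blocks_to_redo(chain, 1, ["tx-1a"]))      # 4
```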
Advantages
- Since you cannot fake computing power, proof of work is still the safest consensus mechanism.
- Relatively simple technology compared to other distributed database systems. Much of the ideas are also used in other systems.
- The system has an amazing game-theoretic balance. As mentioned earlier, attacks only make sense if you want to destroy the network and not if you want to draw a direct financial advantage.
Disadvantages
- Due to the block times and block size limitation, Bitcoin cannot scale. At the moment, Bitcoin can handle only about 7 transactions per second with an average latency of 5 minutes.
- Creating the hashes is extremely energy-consuming. Currently, the Bitcoin network has a hash rate of about 45 trillion hashes/second. This means that a good 6x as many hashes are tried per second as there are grains of sand in the oceans according to the University of Hawaii's estimate. There are projects that try to recycle Bitcoin's hash performance, Komodo for example. Others do not want the proof of work to consist of pure hashing, which is otherwise pointless, but of useful calculations. Primecoin, for example, calculates prime number chains used in science. In the latter case, note that if the miner also earns money with the by-product, more miners will in turn enter the market and drive up the expensive computation. On the other hand, a miner can offset the costs of a possible 51% attack with the secondary source of income. It therefore leads to a game-theoretical balance to the disadvantage of bitcoins.
- The network has increasingly centralized through pooling.
- Low hash power, especially when launching a PoW chain, makes the network vulnerable to 51% attacks.
Disclaimer: This information should not be interpreted as an endorsement of any cryptocurrency. It is not a recommendation to trade. The crypto market is full of surprises and overhyped assets. Do your research before buying anything. Do not invest more than you can afford to lose.