In the blockchain industry we hear a lot about consensus algorithms, we debate about them and try to learn as much as possible. As you know, to reach consensus on the network Bitcoin is using proof of work (PoW). Ethereum is using it as well, but soon will replace it with proof of stake (PoS). Why would they do that? Well, there are a couple of reasons, PoS is more efficient than PoW could ever be. But, both of them have their pros and cons.
In this article, we will make an overview of proof of work consensus algorithm, its good and bad sides.
PoW was introduced back in 1993
The whole idea emerged back in 1993, when Cynthia Dward and Moni Naor published a science paper On Memory-Bound Functions For Fighting Spam. In their paper, they were trying to introduce a new method of combating spam emails which are sent by using computer power for every email (or transaction)..
“If I don’t know you and you want to send me a message, then you must prove that you spent, say, ten seconds of CPU time, just for me and just for this message.” C. Dwork and M. Naor, Pricing via Processing, Or, Combatting Junk Mail, Advances in Cryptology
The proof of work is a function which is hard to compute but easy to check. The function has a message, a recipient address, and a few other parameters. In that paper, Dwork and Naor called it pricing function. Today’s computers can send millions of spam messages each day which creates a big problem. However, if computers need to spend 10 sec on each message, they will be able to send only 8 thousand spams per day.
In 1999, in paper Proofs of work and bread pudding protocols published by Markus Jakobsson and Ari Juels, the term “proof of work” is introduced and notation is created. Their goal was to characterize the notation of a proof of work (POW), a protocol in which a prover demonstrates to a verifier that he has expended a certain level of computational effort in a specific time interval.
The protocol was not so popular until Satoshi Nakamoto released Bitcoin whitepaper, the proof of work was the most significant idea behind it. With that protocol he introduced the idea of how it can be used to allow trustless and distributed consensus.
So, what exactly is proof of work?
A proof of work is a consensus algorithm in which it’s costly and time-consuming to produce a piece of data, but it’s easy for others to verify that the data is correct. The most popular cryptocurrency Bitcoin is using Hashcash proof of work system. Although initial Hashcash idea was to fight against email spammers, Satoshi applied this idea to bitcoin transactions.
For a block to be accepted by the network, miners have to complete a proof of work to verify all transactions in the block. The difficulty of this work is not always the same, it keeps adjusting so new blocks can be generated every 10 minutes. There’s a very low probability of successful generation, so its unpredictable which worker in the network will produce the next block.
In a network users send each other coins and ledger gathers transactions into blocks, but someone should take care of all transactions and validate them. In every blockchain some nodes are doing validation In the example of Bitcoin miners are nods. The way those nods authorize transactions depends on consensus algorithm, it doesn’t need to be proof of work, but in Bitcoin example it is. Long story short, proof of work is a system which ensures security and consensus throughout blockchain network. It’s evident that participant which validates block have invested significant computing power to do so.
How does it work?
Well, miners will try to guess a random number that should give them the right hash for that block of transactions. In this process, there are two things that we have to define: nonce and hash function.
Nonce – it’s a random number used only once. In case of Bitcoin that number is an integer, so it could be any number between 0 and 4 294 967 296.
Hash – it’s an algorithm or very complicated formula that converts any sequence of characters into a string of 64 chars or numbers.
As you already know, every block in blockchain has its hash (id). That’s a string that someone got when he verified that block. So when you want to verify the next block, you will take that hash and add the current block of transactions. You will have a big block of text. The next step would be to take nonce – a random number, and add it to the end of that block of text. Now you have a big block of text which contains a hash of the previous block, new transactions, and a random number. When you have all that, you are ready to start calculations. For calculations you use the hash function, and change the random number until you get a string that has a certain number of zeroes in front of it.
It seems easy, but be aware that your computer has to perform around 10n21 computations to find the right number. That’s not a small number and it takes around 10 min to find the right number that will give you the needed string. For a hash function, Bitcoin is using SHA-256 hash algorithm. It’s not connected to proof of stake and you don’t need to use that algorithm, but Bitcoin is using it in its proof of work.
Let say that you have everything you need to start computing. The hash from previous blockchain block is 00000000000000000028c91a95cd6a5b6cbd913c203510eab269208df6c64091, you have a bunch with 100 transactions, and you pick a random number 1. Everything is ready and you send everything to the hash function.
You can see in an illustration above that you didn’t get the right string. The resulting string starts with only three zeros and you have to get a string with 18 zeros. So, you will choose another random number and start another calculation. This time we will choose number 2.
This time, you chose the right number and as a result you got a string that starts with 18 zeros. You verified this block, and if you were the first one who got it a reward for that block would go to you.
A machine or computer must keep incrementing nonce until it finds the right one. It means a computer has to brute force that number and generate millions of hashes per second to generate the one that will have the same number of starting zeros as defined. It’s costly and time-consuming to execute a PoW for a block, but it’s easy for someone to verify if some block is correct.
Let’s say someone wants to check if Node A did the required work. He will simply use block string that Node A got after validation and take its nonce number. On them he will apply hash function and if the result has the correct number of leading zeros, if it has, everything is fine.
Proof of work ensures that blocks can’t be added to the blockchain without executing necessary work. That way, an evil node can’t easily validate blocks and add whatever he wants into blockchain. If he tries to, other participants in the network would just dismiss his block, and everyone would know that the block is not valid.
How this prevents blockchain from changing history?
The interesting thing about hash functions like SHA-256 is the fact that the function will give a different result if anything changes in a block of text that you validated. This means that if someone changes only one transaction for a small amount, the result will not be the same and everyone will know that it’s not a valid transaction.
Hack function will always give the same result if the input is exactly the same, but will never give the same result for different input.
Just imagine having an agreement with your employer about work requirements and conditions. If it’s on the blockchain, no one can change it and say something other than what you accepted. If someone changes something, the hash string will be different and everyone in the blockchain network will know that it’s not a valid agreement.
Are there any disadvantages?
Proof of work is a great consensus algorithm, but it’s not perfect. To execute PoW we have to spend high amounts of electricity and computer power just to brute force hashes. The power used for PoW is just a waste of resources. Just imagine if some cryptocurrency that uses PoC, like Bitcoin, goes to mainstream adoption. How much electricity would be used to have the network running?
The second problem is centralization and mining pools. Someone who mines with just one CPU will not have a good chance for a reward, but someone who has a mining pool with thousand CPUs will have a better chance. Today, almost 50% of Bitcoin hash power is coming from a few mining pools. That means that only a few people have to meet at the same desk to agree on 51% attack and changing the blockchain if they have a reason to do that. This may create centralized PoW and it goes against the idea of decentralization.
Also, it’s important to mention that more than 70% of mining power is coming from China. Pools are becoming centralized because the cost of electric power is not the same in every country. We can’t expect big mining pools in countries where it’s expensive, but we are seeing many pools in countries where it’s cheap.
Proof of work is not perfect but it works
Maybe you are not sure of how proof of work could achieve consensus, so I will try to explain it a little bit. For any proof of work system you have to be sure that at least half of the participants have good intentions. Why is that important? Well, you don’t know who they are and where are they coming from, you don’t know anything about them. In Bitcoin example, it doesn’t matter. No one knows who will be the next successful validator, so in that system we have more than 50% chance that validator will have good intentions.
In blockchain you have a chain with blocks on which you can add a new block after it has been validated. Bitcoin community agrees that the longest chain will be the right one, because the most amount of work had gone into that chain. We already know that every blockchain block requires a lot of computing power, so the longest chain has the highest amount of accumulated work invested in it. Also, we know that blockchain is a distributed ledger among all participants, and they don’t know who the validator is going to be. Therefore, we can say that the longest chain has the network consensus.
Let’s just see what could happen if more than 50% of validators had bad intentions. Someone could put wrong transactions on the block and someone else would have their funds stolen. The community would not believe in the network anymore, and would start to use another blockchain. If that happened, miners who earn a lot of money every month for validation and who invested a lot of money in the equipment would lose everything. The use of that blockchain would decrease significantly and miners would not accept that. We have to keep in mind that miners are validators, so if someone wants to make a bad thing on the network that could happen only with their help. This shows that the network has an economic reason to stay fair and honest.
Of course, there are other consensus algorithms and proof of work is not the only one, but it’s a good enough for Bitcoin. Proof of work is an inefficient system, and the cost of keeping the network alive is high There are better solutions, like proof of stake. Even Ethereum will replace its proof of work with proof of stake, to be more efficient.