Blockchain Developer's Guide

Proof of Work

The first consensus algorithm used in blockchains was Bitcoin's proof-of-work (PoW). Proof-of-work fundamentally functions by exploiting a feature of certain cryptographic functions: there are mathematical problems that are very hard to solve, but once they are solved, they are very easy to check. As discussed before, one of these problems is hashing: it's very easy to take data and compute a hash from it, but extremely difficult to take a hash and discover the input data. PoW is most notably used by Bitcoin, Litecoin, and Ethereum.

PoW has the following characteristics:

  • Relatively predictable time to solution: Bitcoin's network protocol expects each block to take about ten minutes to solve. If the network starts to solve the proof-of-work problem too quickly, the network will automatically increase the difficulty.
  • Resistant to large increases or decreases in computing power: Moore's law suggests that the amount of work computers can do is expected to double every two years. In addition, because the network is open, anyone can add vast computing resources to the network at any time. For the network to remain stable, the algorithm must automatically adjust itself. Similarly, if the network ceases to be profitable, then the amount of computing power being used will drop as those resources are redirected. This is achieved through the automatically adjusting difficulty in the algorithm.
  • It must be easy for any network participant to quickly check that they have the right chain and that the chain is valid. This is achieved through the use of hashing functions.
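The characteristics above, as an added example that is not from the book: a solution is expensive to find but costs one hash to check, and the target tightens when blocks arrive too quickly. This is a simplified model; the header bytes, the 8-byte nonce layout and all function names are assumptions made for illustration, while the double SHA-256, the hash-below-target test and the factor-of-four clamp follow Bitcoin's scheme.

```python
import hashlib

MAX_TARGET = 2**256 - 1  # easiest possible target: every hash qualifies


def pow_hash(header: bytes, nonce: int) -> int:
    """Double SHA-256 of header || nonce, read as a 256-bit integer."""
    data = header + nonce.to_bytes(8, "little")
    digest = hashlib.sha256(hashlib.sha256(data).digest()).digest()
    return int.from_bytes(digest, "big")


def mine(header: bytes, target: int) -> tuple[int, int]:
    """Brute-force the first nonce whose hash is <= target.

    Returns (nonce, number of hashes tried). A smaller target means more work.
    """
    nonce = 0
    while pow_hash(header, nonce) > target:
        nonce += 1
    return nonce, nonce + 1


def verify(header: bytes, nonce: int, target: int) -> bool:
    """Checking a claimed solution costs one hash, whatever the search cost."""
    return pow_hash(header, nonce) <= target


def retarget(target: int, actual_seconds: int, expected_seconds: int) -> int:
    """Scale the target by actual/expected solve time.

    Blocks found too fast shrink the target (harder); too slow grows it.
    The measured time is clamped to [expected/4, expected*4] so a single
    adjustment can never move difficulty by more than a factor of four.
    """
    clamped = max(expected_seconds // 4, min(expected_seconds * 4, actual_seconds))
    return min(MAX_TARGET, target * clamped // expected_seconds)


if __name__ == "__main__":
    header = b"constructed sample block header"  # constructed input
    target = MAX_TARGET >> 16                    # ~65,536 hashes expected
    nonce, tried = mine(header, target)
    print(f"found nonce {nonce} after {tried} hashes")
    print("verified with one hash:", verify(header, nonce, target))
    # Blocks arriving in 5 minutes instead of 10: the target halves.
    harder = retarget(target, actual_seconds=300, expected_seconds=600)
    print("target halved:", harder == target // 2)
```
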

The proof-of-work algorithm maintains network integrity as long as no group of actors controls more than 50% of the overall network computing power. The possibility of bad actors being able to control the chain is called the 51% attack. If a single group ever controls more than half the network power, they can control the network and network transactions by halting payments or even double spending. The attacking group would be able to prevent new transactions from being confirmed (halting payments for users as they see fit) and even reverse transactions that happened after they had started controlling the network.