alankrit.tech

Tag: blockchain security

  • Day 7 — If a Few People Control Mining, Is Bitcoin Still Decentralized?

    It might look like, from what has been discussed up to now, that Bitcoin is the perfectly balanced, fair and secure system. All transactions are verified by nodes, the miners compete to get their blocks added and their block reward, and this mechanism seems to keep the entire system running without anyone controlling it. But, if we look a little deeper, a problem can be spotted. The mining is a not easy operation. Specialized hardware and a lot of electricity is required for a process that, over time, becomes very competitive and exclusive. This begs the question, if mining becomes too expensive, won’t a small group of powerful miners take over?

    We can analyze the history of Bitcoin mining to understand how this came to be. When the Bitcoin system was launched, ordinary computers were enough for the mining activity. Everyone was able to run mining software on their PC and, eventually, gain a prize in BTC. Over time, with more participants involved, the difficulty of the cryptographic puzzle used to add blocks grew considerably. This made mining equipment very specialized and increasingly efficient machines, dedicated only to the Bitcoin mining. Gradually, mining went from a fun activity, or an extra income opportunity, to an industrial, large scale production process.

    As the race to mine bitcoins became more competitive, miners started to gather together, forming what are called “mining pools.” A mining pool consists of several miners who combine their computing resources and cooperate to solve the puzzle and achieve the mining of a new block. By pooling resources together, miners reduce the variability in their revenue, and can be paid more frequently than they could achieve alone. All mining pool members share the same amount of computing power that the pool has. When a block is successfully mined by the mining pool, the bitcoins obtained by that block reward are distributed proportionally among the members who provided the computer power.

    However, as more people join mining pools, we again see a problem: an increase of centralization of mining power. In fact, a single mining pool can easily possess a huge share of the Bitcoin network hash power and thus the capability of influencing the selection of the transactions to include into the block, or worse, the capability of launching a 51% attack on the network. An attack based on the 51% of the network computational power can even enable a user to rewrite the recent history of the Bitcoin block-chain. Fortunately enough, it’s nearly impossible to achieve a 51% attack due to its extreme cost. But the threat is still there and that might represent a weakness for the Bitcoin system itself.

    Although this tendency towards centralization does not completely ruin the system it must be said that, in fact, Bitcoin cannot become a centrally controlled system by few mining pools since any node of the network, no matter if he is a mining pool participant or not, is able to decide whether to consider a block valid or not, and if one mining pool starts to mine invalid block (by trying to fork the chain, for example) all the other nodes are supposed to stop mining it and continue to build up on a valid chain.

    We can thus observe that Bitcoin is a resilient system, resistant to external control thanks to the mechanism of independent nodes which validates blocks and miners which compete against each other. While the efficiency argument may make you think that Bitcoin could easily become a system controlled by few large organizations, its fundamental principles as well as economic reasons assure the decentralization that was at the heart of the project.

    This reveals us something important about Bitcoin. Despite the strength of its core design, it’s a system built to serve a purpose: transferring and storing value. As such, it does not support complex processes such as programmable agreements or distributed applications.

    The existence of such limitations opens a new question: would it be possible for the blockchain to do more than simply transfer value? Could it be used as a development platform to automate logic and build applications?

  • Day 6 — Who Actually Runs Bitcoin — And Why Do They Do It?

    By this point a natural question has begun to arise in the minds of the reader.

    If the Bitcoin system has no governing body, no bank, and no company running the show, then who is keeping the network alive and verifiable?

    Initially, it may seem that there must be some unseen hand secretly orchestrating things. This is far from the case however, Bitcoin’s maintenance is achieved through a collection of independent actors, from all over the world, each with different roles and different motivations.

    To properly understand this, we can break down Bitcoin participants into two key groups: nodes and miners.

    Nodes are the bedrock of the Bitcoin network. A node is simply a computer running the Bitcoin software which keeps a full or partial copy of the blockchain. Every time a new transaction is broadcast, it is independently checked against the network rules by a number of nodes around the world. The checks are made to ensure that the sender has the correct balance to make the transaction, that the transaction is properly signed, and that the same bitcoins are not being spent again. If any of these checks fail, then the transaction is rejected.

    What is fascinating about these nodes is that they gain no direct financial reward from checking transactions. This obviously begs the question why any individual would run a node at all.

    The motivation comes from ownership and trust. A node allows an individual to not have to rely on another party to verify the validity of transactions. They are then able to check the state of the network independently to ensure it is being governed correctly. For people, and organisations, who may own a significant amount of bitcoin this independence provides value because they are able to receive the ‘truth’ directly rather than through a third party.

    Thus, nodes act as the regulators of the network. They do not compete with each other or even necessarily know other participants, but they act to enforce the rules of Bitcoin. Any miner trying to submit an invalid block will find their attempt is rejected, no matter how much computational effort has gone into its creation, by nodes worldwide.

    Miners on the other hand are a different story. Whilst they run nodes to verify transactions and are required to do so for the system to function, their goal is different: they need to collect verified transactions into a block to present to the network and receive bitcoins in return. The miners have to do this by solving the computationally intensive problem that was discussed previously.

    Unlike nodes, miners do it for profit. They invest money in expensive computing hardware and have huge energy costs because the reward in Bitcoin and transaction fees is great enough to warrant such expenditure. This creates a competitive atmosphere, in which each miner will strive to be the first one to solve the computational puzzle in order to claim the next block.

    It is important to realise here that it does not matter if an individual’s computer is the fastest, the geographically closest, or has the best internet connection to solve the problem. Mining is a contest for the solution to a particular problem where each miner submits a ‘guess’ for the solution; with no knowledge of other people’s attempts. If your ‘guess’ is correct you win. Hence the higher the computational power of the computer the higher the number of guesses you can make and the more likely your answer is to be correct. Obviously smaller players can sometimes win as there is an element of chance involved.

    This leads us to an elegant balance in the network. Miners work hard to generate the coins and the rewards give them an incentive to spend a vast amount of energy. This in turn creates new blocks and transaction fees, but the network can still function with nodes even without them getting direct payment; their role is purely validation. Neither of these two groups controls the network and as long as people have an incentive, both miners and nodes will continue to exist and maintain the system.

    This is the process by which Bitcoin can exist without a central bank and without a managing body, by distributing power and by making money out of being involved with the system. But as a reward is given for mining a block, this suggests that a small amount of powerful actors will dominate the network. How will this impact the overall decentralization?

  • Day 4 — The Puzzle That Keeps Bitcoin Honest

    So, we came to an interesting point here: miners are competing with each other in adding a new block to the blockchain, and to do so, they need to solve a computational puzzle. The miner who solves it first gets rewarded in Bitcoins. On first look this seems a little strange. Why does a financial system rely on solving puzzles, and what does solving puzzles have to do with sending money? It might seem unnecessary at first, but this is where it all starts.

    We need to look at what these miners are doing in the background. When a miner gets some transactions from the network, it bundles them all up together to form a “block” that can be added to the blockchain. This block contains a list of all these transactions as well as some extra data linking it to the previous block on the chain. So it’s not just an isolated lump of data, rather it’s just a further part of the blockchain, and is linked to previous bits of data in a way that forms continuity through the entire chain. However, in order for a miner to add this block to the blockchain, they have to work out what number can be combined with all of the other data in the block in such a way that a specific condition, set by the network, is met.

    This is where hashing is important. You can think of a hash as a digital finger-print for data. Any chunk of data can be put through a hashing function (whether it’s a sentence, a file or a block full of transactions) and we will get a seemingly random fixed length output. But the beauty of hashing functions is that they’re incredibly sensitive to change. If I alter the slightest bit of the data, even just changing one letter in a sentence, the hash will be completely different. This means every block can be given a fingerprint, based not only on the data inside it, but also the fingerprint of the block which precedes it. The chain becomes self linked.

    This makes the blockchain incredibly tamper evident. If I wanted to change a transaction in an earlier block, the hash would change, breaking the link between that block and the one following it. This would cascade through the entire blockchain, and it would become impossible to make any changes at all.

    However, what are miners actually solving? The network has one condition. In order to be considered valid, the hash of the block must meet a specific criteria (for instance, it must start with x amount of zeros). Although this sounds simple, it’s actually incredibly computationally difficult to figure out. There is no direct way to work this out, miners have to try out millions, or even trillions of possible inputs until they find a suitable one. They do this by changing a small value within the block known as a ‘nonce’, a value that when paired with the rest of the data in the block, is hashed repeatedly, over and over until a suitable result is found.

    It’s like trying to break into a combination lock without any numbers at all. It just requires brute force. When a miner does eventually find a valid block, they simply show it to the network. The other nodes can easily verify that it is a valid solution, and thus the block is added.

    This creates a disparity in ease; solving the problem is extremely computationally expensive, however verifying it is easy. This is part of what ensures Bitcoin is so secure. The cost in resources, meaning it’s effectively impossible for malicious users to disrupt the system. To alter an earlier transaction you’d have to carry out the same computational effort for that block and every block after it, plus beat everyone else on the network to it, and all of this at speed.

    This whole system is known as Proof of Work and ensures that a degree of effort is involved in the process of adding to the blockchain to make it resilient to attacks. Instead of relying on trust from a central party, Bitcoin uses mathematical functions.

    We now have the structure of the whole thing working; transactions get submitted, verified by various parties on the network and then grouped together by miners who then add the block to the blockchain through the process of Proof of Work. There’s no central entity involved and it works well.

    This leads nicely into one final, crucial question: If it takes such resources to mine blocks (time, electricity, computational power), what drives miners to do this work for the network?

  • Day 3 — Who Verifies Bitcoin Transactions If There Is No Bank?

    By now something about Bitcoin should start to feel a little bit strange. You send over some cash and it is logged in a global ledger, there is no bank and no one controlling the ledger, and it somehow all still works out. When you take a moment and think about that you will find that there is a nagging, awkward question: since there is no single entity approving the transactions, who is to stop people from cheating?

    In the traditional finance world there is always a central party to maintain trust. When you make an electronic transfer over a bank you are trusting that they are confirming you have the balance required, they are also verifying your identity and then the key point they are confirming you don’t double-spend your funds. Without these checks and balances it would be a simple matter for everyone to cheat and so you have a concept known as double-spending where people try to spend the same funds over two separate transactions.

    Bitcoin overcomes the double-spending problem in a quite peculiar way. Instead of replacing the central trusting party, they are instead distributing trust over thousands of independent parties. To simplify the idea think about what would happen if you put that many students in a classroom and had no teacher and no leader. Everyone would have their own little notebook where they record their transactions and when one student calls out that they want to make a transaction, all the other students would look in their notebook to verify if that student has enough funds or that it hasn’t already been transferred before. If it hadn’t, the transaction is recorded by everybody.

    Scale that up to the entire world and you will start to get a rough idea of how the bitcoin system works with thousands of computers called nodes constantly running and recording each transaction. When a transaction is announced to the entire network these nodes go and check that it isn’t trying to be double-spent or isn’t otherwise illegal, and then everyone adds that to their ledger. However it wouldn’t do any good for nodes to confirm all the transactions, the actual chain needs to be built somehow.

    That’s where miners come in. Miners are a specific group of people running on the network, they pick up all of the verified transactions and then try and bundle it into a block and be the one to add it to the blockchain. They don’t add the next block however simply by choosing which one they want it to be and because they want to, it has to be the one that solves a very hard problem. Whoever solves the computational puzzle first is rewarded with the new block (which contains new bitcoin), but the way that it’s done makes it so that only someone with more computational power than the rest of the network combined could manipulate the system.

    The problem and the system itself looks slightly convoluted but without both sides of this ‘verification’ and ‘miner’ equation the system wouldn’t work. However there is a more deep layer to all of this. You’ve heard of this computational puzzle the miners have to solve but what is this puzzle exactly and why is it so difficult? The puzzle lies at the center of Bitcoin’s security framework.