Understanding bitcoin and its underlying technology “blockchain” — Part (2/3)
In the first part, we looked at what blockchain technology is and understood how bitcoin leverages this technology. The concepts covered included Hashing, Secured Hash Algorithm and Merkel trees.
In this second part of the three part series, I will concentrate on forking, what are hard fork and soft fork, move onto the Proof of Work concept and then explain Block time. I will also touch upon the Double Spending Problem and then look at some of the vulnerabilities of this technology, include the 51% attack.
Forks:
Blocks are produced by a process called mining. Since there is no single user or institution which produces the blocks, a phenomenon called fork, where two or more blocks are produced at almost the same time, can occur. This can lead to the splitting of the forward path of the blockchain into two. Thus when newer blocks are produced, they have to align themselves with one of these two paths. This leads to the formation of what are called Orphan blocks. These are blocks which are not selected to continue in the chain. Thus, one out of the two paths will lead to the formation of orphan blocks.
In some special cases though, these forks might not get resolved on their own. Thus, if two communities take on each other to promote a particular network, then this could lead to a permanent split of the network, creating two blockchain histories and two separate currencies, like Ethereum and Ethereum Classic.
Hard fork:
A hard fork is essentially an updation of protocols and softwares of the blockchain. This means, a new set of parameters and rules are introduced to the chain and every block which does not abide by these new rules becomes defunct. To escape this, all the blocks in the chain are updated with the new rules. If this not done, then the blockchain will not be able to store the digital transactions, leading to the verification of digital token problem.
One thing that needs to be kept in mind is the fact that development and updation of these protocols is done by an active community devoted to the betterment of the technology. Thus, it is not completely wrong to fathom a situation were a few developers actively protest against the new update. The case study of the Decentralized Autonomous Organization (DAO) and the birth of Ethereum Classic is an example of conflict. The DAO was split over the hard fork after the collapse of one of their major project. This resulted in the formation of another network of blockchain, which was mining Ethereum Classic.
Soft fork:
A soft fork is, as expected, an upgrade which does not require the previous blocks to undergo an updation process. A Soft fork is backward compatible. Solving the backwards compatibility problem leads to the forward compatibility problem. If miners continue to mine new blocks using old rules, the blockchain will reject them. Thus, in order to implement this new rule going forward, soft forks require a lot of hash power.
Hash power is a measure of the amount of power used by a particular network to be continuously functional. Thus, if the soft fork gets only a fraction of the hash power, then it might become an orphan block. The Bitcoin blockchain has mostly used the soft fork for upgradation, as they represent a lower risk of splitting the network.
Proof of Work:
Bitcoins Proof of Work algorithm is based on the SHA256 algorithm. Miners use this algorithm to solve computationally difficult math problems and add blocks into the blockchain. Every solution to this math problem does not add to the blockchain. A target is set by the community, with the miners expected to hash the blocks header to meet the criterion of the target.
An example of this target is that the hash value of the blocks header, which is a 256 bit alphanumeric string, must begin with 18 zeroes. This target is not fixed and changes after the generation of every 2016 new blocks.
The miners use a technique called Nonce to achieve the target. But this technique does not guarantee exact results, thus, the miners keep varying the Nonce slightly to achieve the target. The above process requires a lot of computational power as well as hardware resources, thus proving that a large amount of work and money is required to mine even a single block. This process is called the Proof of Work. The reward of mining this block is 12.5 Bitcoins.
Block time:
The average time taken to mine a new block is called the block time. Block time for Ethereum coins is roughly 17 to 19 seconds while the block time for a bitcoin is 10 minutes. The block time is used as a parameter to change the target for the hash values header. For the Bitcoins blockchain, the target is refreshed after every new 2016 blocks, which amounts to roughly two weeks.
The difficulty level of the new target is increased or decreased based on the average block time of the previous set of 2016 blocks. If the Block time was less than 10 minutes, then the difficulty level of the new block is increased. If the Block time was greater than 10 minutes, then the difficulty level is reduced to maintain the average Block time of 10 minutes.
The Double spending problem:
A Double Spending problem is a specific problem with digital cash. It means that the same digital token, which is nothing but digital cash, can be spent more than once. This is because the digital token is a file which can be duplicated or falsified. Let us understand why this is an issue with digital money alone.
If a person buys a McAloo Tikki worth Rs. 35 and decided to pay in cash, he produces money bills which amount to Rs. 35, which goes into the cash vault of McDonald’s. The same money bill cannot be used again by this person, unless he steals it. But digital money is not physical cash. It is just a specific bits of data, which can be reproduced and used more than once, to buy the McAloo Tikki and then to buy a coffee from Starbucks. Unless Starbucks has a verification mechanism which can verify that the above specific bits have already been used to purchase the McAloo Tikki, it will not be able to figure out that the same money was used twice.
This is where Bitcoin has hit a home run. It has solved the Verification problem, without charging an extra penny for the verification. It has solved the problem by using a decentralized digital ledger, that is the Blockchain. Every transaction, which gets registered into the Blockchain, is verified for duplicity to make sure there is no digital piracy of money.
Suppose a user A pays an amount X BTC to a person L. He then decides to use this same X BTC to pay person M and N. But the Blockchain prevents A from using the same bitcoin to pay three different person. All these three transactions go into an unconfirmed pool of transactions. Now there are two cases:
- Only the first transaction is taken up by the miners and added into the new block which is created. This is because these transactions are timestamped, thus the miners drop the other two transactions as they do not get enough confirmations.
- But if all the three transactions somehow have the same time-stamp, then the transaction which gets the maximum number of confirmations get added to the blockchain and goes through, while the other two transactions are dropped.
A rule of thumb says that the person must wait for 6 Confirmation to get assurance that the transaction has gone through. 6 Confirmation here means the addition of 6 new blocks onto the block in which the transaction of interest was recorded. The person can be assured of the transaction because, in order to reverse the transaction, A has to reverse the transactions of the 6 blocks that were added over his block, which is computationally impossible.
Vulnerability:
Blockchain technology was developed to be extremely secure and immune to external fallacy. The concept of decentralization has pushed the security threats on blockchain atleast 20 years into the future, with a solid hashing algorithm in SHA256 and the use of Merkel Trees making sure that Blockchain is immune to attacks. There have been a few methods proposed to test the security of blockchains, but these theorized have failed to hold up during real time application.
1. 51% attack:
If a person or an organization can get hold of 51% of the hash power of the network, then double spending is theoretically possible. Controlling 51% of the computing power of the network will allow the person/organization to deny confirmation to new transactions, which will stop the blockchains network. Thus, the 6 confirmation rule will get compromised and that person/organization can now reverse the transaction made earlier and use the same Bitcoin for more than one payment. This method is only theorized since the computational power and the electricity required to control 51% of the hash power might not even be possible for countries.
2. Race attack:
If the attacker sends some Bitcoin to to a merchant and then sends the same amount of Bitcoins to himself immediately, there is a chance that both these transactions might go through. This can happen if the following steps take place
- Both the transactions get added into the pool of unconfirmed transactions waiting for 6 confirmation.
- Whichever transaction gets verified first and gets 6 Confirmations gets added into the network.
- Thus, there is a possibility of the second transaction to get verified as it is a race to get 6 confirmations.
So far, there have been exactly zero successful race attacks. Thus, this method as well is theoretical.
3. Finney attack:
Proposed by Hal Finney, the first recipient of a bitcoin transaction, the Finney attack requires an active miner to participate. It can be understood by the following steps:
- The attacker adds a transaction in which he sends an amount X of Bitcoins to himself in the pool of unconfirmed transactions while mining for a block
- When the attacker gets a block, he then sends X bitcoins to a merchant in return for some service before broadcasting the block.
- After the attacker receives the service, he removes the above transaction and adds the previous transaction sending the bitcoins to himself. This will override the unconfirmed transaction to the merchant.
Let the time required to find a block be T and let t be the time taken for transaction between the attacker and the merchant to go through.
The probability of finding a new block during this process = t/T
This will lead to the attacker losing the reward B of mining a new block.
Thus the cost of attempting an attack = B x t/T
The merchant should thus wait for an average of V/B x t seconds to confirm the transaction, where V is the value of the transaction.
Conclusion:
I hope this post was informative and helped you get a good understanding of bitcoin and the blockchain technology. The third part of this three part series will look at the blockchain network and how to run it. Then I have touched upon the methods used to optimize the universal storage. A major chunk of the post is then dedicated to understand how transactions take place using bitcoin and some of the privacy concerns are highlighted.
I have also written posts on Unified Payment System and compared bitcoin and UPI. Indian readers will especially be interested to see where UPI stands with respect to bitcoin and blockchain technology. Please naviagte to this link to read on.
