Understanding Proof-of-Work: Achieving Consensus and the Double Spend Attack

This post is part 2 of my series on proof-of-work. If you have not read part 1 yet, click here.

Mining Only Pays Off if it is on the Right Chain

Miners are not guaranteed to receive their block reward just because they successfully mined a block. There are times when two miners solve a block at the same time creating a temporary fork in the network. In this situation, both versions of the blockchain (created by the fork) are technically legitimate in the sense that these blocks were created by honest miners. We can refer to these miners as honest because they both followed the rules when the fork occurred. Even though both miners acted honestly, the network still needs to converge on a single version of the blockchain.

This is a temporary fork in the network. Both miners that proposed their version of block 4 were following the rules of the network when this fork occurred.

The network resolves this temporary split by accepting the chain with the most proof-of-work. Proof-of-work is the amount of processing power that went into a specific version of blockchain history. Usually, the chain with the most proof-of-work comes down to the fork that eventually becomes the longest chain (the chain with the most blocks).

A miner somewhere in the network built a block on top of one of the forks. Now, the fork on the right clearly demonstrates the most proof-of-work. That is now the true chain.

Once a node in the network builds an extra block onto one of the two competing versions of the blockchain, the entire network accepts that chain because it now demonstrates the most proof-of-work. This consensus process is important because it ties the true version of the blockchain to the most resources collectively consumed by miners to produce that version of the blockchain.

Willfully Mining On Less Proof-of-Work

When someone downloads miner software for the first time, the software automatically builds on the chain with the most proof-of-work. Although a skilled developer can modify this software to mine on a chain with less proof-of-work, they have no incentive to do so. If a rogue miner chose to build on a chain with less proof-of-work, the rest of the network would refuse to accept that fork.

Part of the reason the network rejects forks with less proof-of-work is because mining software is automatically programmed to do that. But there is also a social element to proof-of-work. Why mine on a fork with less proof-of-work when everyone agreed to burn resources to build on the chain with the most collectively burned resources?

If the rogue miner builds on a forked chain, the network will not recognize their block reward. They will consume electricity with no way to pay it off. The elegance of proof-of-work is that it is always most profitable to mine on the chain that “followed the rules” and it is always expensive to divert from consensus.

The 51% Attack and the Double Spend

At the beginning of this article, I mentioned that successful consensus mechanisms disincentivize miners from attacking their network. Proof-of-work is an elegant consensus system because it is extremely difficult to attack.

Although it is extremely difficult to attack, the network does become vulnerable if a single miner or group of miners control 51% of the total processing power. With 51% of the processing power, an attacker can single handedly produce a blockchain with the most proof-of-work. This allows them to conduct what is called a double-spend attack. A double spend attack can erase a transaction from the blockchain by building a competing fork where that transaction doesn’t exist. A malicious miner can use a double-spend attack to pay for something very expensive and then erase that transaction from the blockchain.

The following is an example of what a double-spend attack might look like in practice.

Let’s say that Alice and Bob are in cahoots. Alice pays my brother Nico for a painting worth 125 Bitcoin. My brother, conscious of temporary forks in the network, waits for the standard 6 confirmation before handing over his painting to Alice. Once the painting is handed over, Alice informs Bob the miner.

My brother really does sell amazing art. Click here to check out what he has for sale. Click here to follow him on Instagram.

Bob controls 51% of Bitcoin’s hash power and starts mining his own fork. Bob purposely starts mining 6 blocks behind the current version of the blockchain because he wants to start from a history that doesn’t include Alice’s transaction to my brother Nico. It is called a double-spend attack because, in this forked chain, Alice uses the same inputs to send 125 Bitcoin to herself instead of my brother. She is spending the same Bitcoin twice.

Bob then rejects all blocks broadcasted from other miners until the proof-of-work on his attacking fork overtakes the proof-of-work on the original chain. After the proof-of-work on the attacking fork is greater than the original version of the blockchain, Bob releases his malicious fork into the Bitcoin network. Being that Bitcoin nodes accept the chain with the longest proof-of-work, the Bitcoin network accepts the attacking chain and my brother’s 125 Bitcoin disappears from his wallet.

Alice now has both my brother’s painting and the 125 Bitcoin she sent my brother.

The cool thing about cash is that you can’t double spend it.

A Caveat to the Double Spend Attack

Although people in the crypto community are very concerned about 51% attacks, these attacks are actually very difficult to execute in practice. The Bitcoin network consumes as much electricity as small countries do. In order for a miner to have a chance at successfully attacking the network, they would need to purchase a huge amount of specialized mining equipment and consume around half the electricity that it takes to power a small country. This is very discouraging to potential attackers and makes it very difficult for them to profit in a double-spend attack.

Another reason that conducting a double-spend attack is unlikely to succeed is because the entire network will instantly become aware if 6 blocks in the chain were reverted. Due to the pseudonymous nature of the blockchain, this can draw lots of attention on to the attacker.

Next Week’s Post

Proof-of-work has proven to be an elegant system with a very small attack surface. However, there is 1 main drawback; it is pretty slow. In proof-of-work, security comes at the expense of speed. This has put strong limitations on what smart contract blockchains like Ethereum can achieve. In an attempt to achieve faster transaction speed while maintaining a high degree of security, Ethereum plans to switch to a consensus model called proof-of-stake. While proof-of-stake will not directly lead to faster transaction speeds, it is expected to enable sharding.

In my next post, I will analyze how proof-of-stake is attempting to utilize similar incentives as proof-of-work in order enable a more powerful blockchain.

Follow me on twitter @jmartinez_43

Citations/Resources/LearnMore:

Mastering Bitcoin — Andreas Antonopoulos

Blockchain/Bitcoin for beginners 9: Bitcoin difficulty, target, BITS — all you need to know — Matt Thomas

Also, Read

• The Best Crypto Trading Bots
• The Best Bitcoin Hardware wallet
• The Best Crypto Tax Software
• Best Crypto Trading Platforms
• Best Wallet for Uniswap
• Best Crypto Lending Platforms
• Top DeFi Projects
• Bitsgap review — A Crypto Trading Bot That Makes Easy Money
• Quadency Review- A Crypto Trading Bot Made For Professionals
• 3commas Review | An Excellent Crypto Trading Bot
• 3Commas vs Cryptohopper
• The Idiots Guide to Margin Trading on Bitmex
• The Definitive Guide to Crypto Swing Trading
• Bitmex Advanced Margin Trading Guide
• Best Crypto APIs for Developers
• Crypto arbitrage guide: How to make money as a beginner
• Top Bitcoin Node Providers
• Best Crypto Charting Tool

Get Best Software Deals Directly In Your Inbox