Proof of Work is yet another buzzword that gets thrown around a lot in the cryptosphere. This is because it is an important component of some of the most important blockchains like Bitcoin. In this post we aim to shed some light into what exactly this means, and why it is such an important term.
In short, Proof of Work (PoW) is one of the mechanisms through which a blockchain can achieve consensus. That is to say, ensuring that all nodes of the system can agree on the state of the public ledger. Value, information, and wealth can only be transferred when actors in an exchange agree upon what is being exchanged and how. This is usually dealt with by banks, companies and even governments, but blockchains can do this peer-to-peer, so long as they achieve consensus.
This is important, as you may guess, because it’s what creates consistency in the blockchain data, prevents users from double-spending their funds, or attacking each other.
In a Proof of Work (PoW) system, consensus is agreed upon via the work done by network miners. These are the miners you keep hearing about. They collect your transaction fees in exchange for keeping the network up and running.
In a broad sense, it can be said that miners process network transactions, and take up their fees as payment for their effort (e.g.: electricity spent on computing power), and as an incentive to keep working.
If we take a more technical perspective though, they’re not exactly “processing transactions”. All transactions are already fully prepared to be included in the blockchain when they reach miners. Miners only need to check their validity.
The real processing that happens is more of an endless competition between all miners, the winner of which gets to create the next block in the chain.
This competition is done via a cryptographic algorithm. For every block, a cryptographic puzzle needs to be solved, and some processing power must be put into finding a valid solution. When a miner finds a solution, it is able to create a valid block, and broadcast it to everyone else.
The broadcasting of a single block, and some of its caveats, is a topic I already covered in more detail on my previous post about [achieving Finality].
Here, we’ll focus a bit more on how this cryptographic puzzle works, and why it is needed in the first place.
A hash works very similarly to a written signature.
Your signature proves that a document was read and validated by you, without your own presence being required. Only you can produce your own signature, but everyone else can easily check it’s yours. This can be summed up in two simple properties:
- hard to fake;
- easy to validate.
These properties are what makes signatures, and hashes, interesting for quickly validating something.
Yes, I know. Written signatures are not really that secure. But cryptographic signatures, on the other hand, can be. They serve the same function as the written ones, which is why the analogy works so well, but they’re generated through mathematical functions that are designed to provide better guarantees.
A sensible cryptographic hash should be:
- Hard to produce, Making it impossible to create a valid signature without first having access to the original data;
- Trivial to verify. So that anyone can quickly validate data.
Let’s see a quick example of what a cryptographic hash would look like. In many software download pages, you’ll often see a hash checksum. For example, here’s the download page for Ubuntu:
After downloading the file, I should be able to independently calculate a SHA256 hash of that file, and compare it against the hash displayed on the page. If they match, I have proof that the download file is not corrupted or tampered with. And that’s exactly what I did:
$ shasum -a 256 ubuntu-18.04.3-desktop-amd64.isoadd4614b6fe3bb8e7dddcaab0ea97c476fbd4ffe288f2a4912cb06f1a47dcfa0
Great, the hash works perfectly! You can notice that the resulting hash (add461…) matches exactly the hash from the screenshot.
This is a one-way operation. While I can calculate a SHA256 hash for any file or piece of data, the reverse is not possible. It’s obviously impossible to recreate the entire Ubuntu file from just this small string of random characters.
The process I just did manually is similar to what’s used in a blockchain to ensure the integrity of all transactions. Each transaction hash is derived from the data of the transaction itself, and serves as a unique identifier.
Each block has a hash, too. And that hash needs to follow certain rules. Let’s take a look at the latest Bitcoin block hashes, for example:
Notice how all of them start with a bunch of zeros? How did this happen, if hashes are supposedly random?
Well, that’s where the cryptographic mining contest begins.
And how do they “Prove the Work”?
Each miner is constantly trying to mine the next block in the chain. And they’re on a constant race with each other.
As they aggregate transactions sent in by users, they aggregate them in a new block, and then try to create a hash for the entire block.
This hash can’t be just any hash tough. The blockchain imposes some rules on it. Bitcoin, for example, requires the hash to start with a certain number of leading zeros. The actual amount of zeros required is called the network’s difficulty, and it’s a number that is adjusted every few blocks.
If the current difficulty is 2, then 00abc… would be a valid hash, but 0abc… would not.
Couple this with the fact that hashes are, for all intents and purposes, randomly generated and unguessable, and miners have only one way to produce different hashes: brute force. They keep trying over and over to generate new hashes, until they find one that fulfils the requirement.
Since the same block always generates the same hash, they need to change it slightly for every new attempt. This is often done by adding a random number within the block’s data. The only purpose of this number is for miners to change it in order to be able to make different blocks, and therefore, different hashes.
The better your hardware, the more hashes you can produce. That’s called your Hash Rate. If you increase your hash rate (by improving your hardware) you get a better chance of finding valid hashes before everyone else. But since this process is essentially random, having slower hardware still gives you a small chance at preventing more powerful miners from getting 100% of the blocks.
This difficulty is adjusted automatically every few blocks, in response to changes in the total hash rate of the network. If a lot of miners significantly increase their hash rate, or if a lot of miners join the game, the average time to mine a block will decrease. In response to this, the difficulty may increase, to keep the average block time around 10 minutes.
If you’ve ever wondered why it takes 10 minutes to mine a Bitcoin block, there’s your answer. The blockchain itself is enforcing that rule, by adjusting the mining difficulty.
Maybe you’re wondering why this is done at all! Good question! Let’s talk about that:
A Supply and Demand game
Miners are a necessary part of the system because they’re what keeps the blockchain alive. It is therefore important to keep a steady number of them.
It is also important for the number of miners to be sufficiently large, or else the decentralization of the system could be compromised. This compromises security as well. These are some of the basic tenets of a decentralized blockchain.
On the other side of the system, we have the users, sending transactions through their wallets.
Users want the blockchain to support as many transactions per second as possible, to reduce their waiting times. They also want lower fees, or even no fees at all!
Miners, on the other hand, want the reverse. The more fees are paid, the more they get. And the less transactions there are, the easier it is for them to compute hashes for new blocks.
Even if miners were willing to mine for free, you still wouldn’t be able to do as the users wish. More transactions per minute mean that we’d have to support larger block sizes (or increase the rate of blocks), or decrease the 10 minutes it takes for a block to be produced.
This would make the mining process more difficult, possibly to a point where only those with more powerful hardware would be able to do anything at all.
If only the most powerful can compete in the game, then the whole system will degrade to a much less decentralized one. And decentralization is what guarantees the security of your transactions.
Preserving the size of blocks, as well as the time between them, is a balance that has to be done to keep the network usable while still preserving the ability of small miners to be able to contribute to the network.
And what about all the energy waste?
Not only that, the incentive given to miners (read: the ability to convert electricity into money) is driving the industry to produce more powerful mining hardware, and driving the miners to purchase more and more of that hardware.
So, not only are we creating an incentive to spend energy, but the competitive nature of this is pushing everyone to spend increasingly more!
This is all true, and of course, a concern. But unlike some may claim, it’s not an inherent problem of cryptocurrencies, and not even inherent to Proof-of-Work. This means that there are ways to create Proof-of-Work systems that don’t drive energy usage up like we’re seeing today.
If not though, rest assured that this is an acknowledged problem, and is being actively worked on by many communities. While it is true that cryptocurrencies do consume excessive amounts of energy right now, this is a problem that can be solved, and should see some improvements over the next couple of years.