What is proof of work? (∞)

Introduction

Proof of Work (commonly abbreviated to PoW) is a mechanism for preventing double-spends. Most major cryptocurrencies use this as their consensus algorithm. That’s just what we call a method for securing the cryptocurrency’s ledger.

Proof of Work was the first consensus algorithm to surface, and, to date, remains the dominant one. It was introduced by Satoshi Nakamoto in the 2008 Bitcoin white paper, but the technology itself was conceived long before then.

Adam Back’s HashCash is an early example of a Proof of Work algorithm in the pre-cryptocurrency days. By requiring senders to perform a small amount of computing before sending an email, receivers could mitigate spam. This computation would cost virtually nothing to a legitimate sender, but quickly add up for someone sending emails en masse.

Why is Proof of Work necessary?

If you’ve read our guide to blockchain technology, you’ll know that users broadcast transactions to the network. Those transactions aren’t immediately considered valid, though. That only happens when they get added to the blockchain.

The blockchain is a big database that every user can see, so they can check if funds have been spent before. Picture it like this: you and three friends have a notepad. Anytime one of you wants to make a transfer of whatever units you’re using, you write it down — Alice pays Bob five units, Bob pays Carol two units, etc.

There’s another intricacy here — each time you make a transaction, you refer to the transaction where the funds came from. So, if Bob was paying Carol with two units, the entry would actually look like the following: Bob pays Carol two units from this earlier transaction with Alice.

Now, we have a way to track the units. If Bob tries to make another transaction using the same units he just sent to Carol, everyone will know immediately. The group won’t allow the transaction to be added to the notepad.

Now, this might work well in a small group. Everyone knows each other, so they’ll probably agree on which of the friends should add transactions to the notepad. What if we want a group of 10,000 participants? The notepad idea doesn’t scale well, because nobody wants to trust a stranger to manage it.

This is where Proof of Work comes in. It ensures that users aren’t spending money that they don’t have the right to spend. By using a combination of game theory and cryptography, a PoW algorithm enables anyone to update the blockchain according to the rules of the system.

How does PoW work?

Our notepad above is the blockchain. But we don’t add transactions one by one — instead, we lump them into blocks. We announce the transactions to the network, then users creating a block will include them in a candidate block. The transactions will only be considered valid once their candidate block becomes a confirmed block, meaning that it has been added to the blockchain.

Appending a block isn’t cheap, however. Proof of Work requires that a miner (the user creating the block) uses up some of their own resources for the privilege. That resource is computing power, which is used to hash the block’s data until a solution to a puzzle is found.

Hashing the block’s data means that you pass it through a hashing function to generate a block hash. The block hash works like a “fingerprint” — it’s an identity for your input data and is unique to each block.

It’s virtually impossible to reverse a block hash to get the input data. Knowing an input, however, it’s trivial for you to confirm that the hash is correct. You just have to submit the input through the function and check if the output is the same.

In Proof of Work, you must provide data whose hash matches certain conditions. But you don’t know how to get there. Your only option is to pass your data through a hash function and to check if it matches the conditions. If it doesn’t, you’ll have to change your data slightly to get a different hash. Changing even one character in your data will result in a totally different result, so there’s no way of predicting what an output might be.

As a result, if you want to create a block, you’re playing a guessing game. You typically take information on all of the transactions that you want to add and some other important data, then hash it all together. But since your dataset won’t change, you need to add a piece of information that is variable. Otherwise, you would always get the same hash as output. This variable data is what we call a nonce. It’s a number that you’ll change with every attempt, so you’re getting a different hash every time. And this is what we call mining.

Summing up, mining is the process of gathering blockchain data and hashing it along with a nonce until you find a particular hash. If you find a hash that satisfies the conditions set out by the protocol, you get the right to broadcast the new block to the network. At this point, the other participants of the network update their blockchains to include the new block.

For major cryptocurrencies today, the conditions are incredibly challenging to satisfy. The higher the hash rate on the network, the more difficult it is to find a valid hash. This is done to ensure that blocks aren’t found too quickly.

As you can imagine, trying to guess massive amounts of hashes can be costly on your computer. You’re wasting computational cycles and electricity. But the protocol will reward you with cryptocurrency if you find a valid hash.

Let’s recap what we know so far:

• It’s expensive for you to mine.
• You’re rewarded if you produce a valid block.
• Knowing an input, a user can easily check its hash — non-mining users can verify that a block is valid without expending much computational power.

So far, so good. But what if you try to cheat? What’s to stop you from putting a bunch of fraudulent transactions into the block and producing a valid hash?

That’s where public-key cryptography comes in. We won’t go into depth in this article, but check out What is Public-Key Cryptography? for a comprehensive look at it. In short, we use some neat cryptographic tricks that allow any user to verify whether someone has a right to move the funds they’re attempting to spend.

When you create a transaction, you sign it. Anyone on the network can compare your signature with your public key, and check whether they match. They’ll also check if you can actually spend your funds and that the sum of your inputs is higher than the sum of your outputs (i.e., that you’re not spending more than you have).

Any block that includes an invalid transaction will be automatically rejected by the network. It’s expensive for you to even attempt to cheat. You’ll waste your own resources without any reward.

Therein lies the beauty of Proof of Work: it makes it expensive to cheat, but profitable to act honestly. Any rational miner will be seeking ROI, so they can be expected to behave in a way that guarantees revenue.