CONTENTS:
- What is Proof-of-Work/Mining Summary
- Understanding Proof-of-Work/Mining
- Proof-of-work (PoW) vs Proof-of-stake (PoS)
- FAQs
1. What is Proof-of-Work/Mining Summary
Proof-of-work (aka mining) is the oldest and most widely used “consensus algorithm.” It was popularized by Satoshi Nakamoto in the 2008 Bitcoin white paper, but the technology existed long before then. Cynthia Dwork, Mani Naor, and Adam Back originally invented proof-of-work to counter email spam attacks.
Proof-of-work (PoW) is one of the key pieces to prevent double-spending and reach consensus (51% of the participants need to agree on the next global state of the network) or agreement in a distributed peer-to-peer network.
Technically, though, is not a consensus mechanism per se but rather a Sybil Resistance mechanism which makes following the system profitable (rewarding honest participants) and gaming the system expensive (solving cryptographic puzzles by expending a lot of electricity). In that way, the cost of attacking the network far outweighs the benefits of following the rules.
Here’s how it works. In order to update the ledger (blockchain) securely, a cryptographic puzzle (hash function) is distributed to special nodes, called miners. This puzzle, like a Rubik Cube, is hard to compute (takes a lot of computing power) yet easy to verify by the network. The network sets up the challenge (target hash), which is similar to your grandmother telling you that you have 1 minute to solve the Rubik Cube. The only way to solve that puzzle is by trial and error (guesses). This is referred to as Mining.
The answer is like a key that allows chaining the new block (page) to the previous block, resulting in a chain of blocks (Blockchain). Whoever finds it gets rewarded with cryptocurrency. The key is then broadcasted to the network and all the copies are updated.
However, a real consensus mechanism needs other components such as a chain selection rule (longest chain rule). In case of conflicting information, the longest chain rule helps a network identify the legitimate copy of a ledger (blockchain) and reach consensus. The network will ensure that the chain with the most computing power is the only valid one.
Proof-of-work coupled with a chain selection rule and applied to a fault-tolerant distributed network is what is known as Nakamoto Consensus. Satoshi Nakamoto’s genuine innovation.
The Proof-of-work (PoW) “consensus mechanism” is the most dominant up to this point. It has proven to be the most reliable and secure to date. Proof-of-work (PoW) is, on the other hand, slow and energy-intensive. To solve this problem, most of the next generation of altcoins, including Ethereum, are adopting a more energy-efficient and scalable solution, such as Proof-of-Stake (PoS).
This article is a little more technical than the previous ones. At Altcoins Mastery, we strive to explain things simply but not so simple that the substance is lost.
Keep reading for a more in-depth explanation!
2. Understanding Proof-of-Work/Mining
In this section, we will trace the origins of proof-of-work (PoW), and explain what it is and how it works.
A Brief History of Proof-of-Work (PoW)
Proof-of-work (aka mining) is the oldest and most widely used consensus algorithm. It was popularized by Satoshi Nakamoto in the 2008 Bitcoin white paper, but the technology existed long before then.
Cynthia Dwork, Mani Naor (1993): With the penetration of the internet, the use of emails began to spread. One of the most serious issues that e-mails faced was spam attacks. These attacks had the potential to disable e-mail servers, leaving many users in the cold. To solve that problem, Dwork & Naor published a paper in 1993 titled “Pricing via Processing, Or, Combatting Junk Mail” in which they proposed using computational work to pass a series of tests. These tests usually entailed calculating some square roots or making extensive use of hash functions. Consider the well-known captcha that appears when you attempt to register on a website. Similar to a captcha, users had to solve a puzzle before sending an email. If the answer is valid, then the email is sent; otherwise, the email is rejected.
Adam Back (1997), HashCash: The creation of HashCash [1] by cypherpunk Adam Back brought Dwork and Naor’s work to light. Hashchash is a proof-of-work system used to limit email spam and denial-of-service attacks. The idea behind HashCash was to make “spamming” costly by adding a small cost for each spam sent. A cost that will entail using computer power to solve a hash function, a cryptographic puzzle that is difficult to solve (yet feasible) but simple to verify. This hash function enables the sender to sign an email (proof of work signature or hash) and then submit it to a server for verification. If the solution to the puzzle is right, the message is delivered; otherwise, it is rejected. The electricity cost for sending one email was $0.01; this may not seem like much for one email, but if you send millions of emails, your electricity bill may skyrocket. In this way, spammers were discouraged from pursuing their attacks.
Even though Adam Back never used the term Proof of Work, he did use another key term in blockchain technology, “Double-Spending Protection” which was influenced by David Chaum’s work. Hashcash was later proposed by Hal Finney (RPoW), Wei Dai (B-Money), and Nick Szabo (Bit Gold) as a way of minting coins in digital currencies.
Adam Back, alongside Cynthia Dwork and Mani Naor, are regarded as the true pioneers of the proof-of-work algorithm that Bitcoin and other cryptocurrencies use to validate transactions, prevent double-spending and achieve consensus.
Markus Jacobsson, Ari Juels (1999): Markus Jacobsson and Ari Juels coined and formalized the term “proof of work” in a 1999 paper titled: “Proofs of Work and Bread Pudding Protocols” as follows:
“This is a protocol in which a prover demonstrates to a verifier that she has expended a certain level of computational effort in a specified interval of time. Although not defined as such or treated formally, proofs of work have been proposed as a mechanism for a number of security goals, including server access metering, construction of digital time capsules, and protection against spamming and other denial-of-service attacks.”
Markus Jacobsson & Ari Juels
Additionally, they show how proof of work could be used not just as a security protocol but also as a way to decentralize the minting process of digital coins (“shifting the burden of the MicroMint minting operation onto a large group of untrusted computational devices.” Jacobsson & Jules)
Hal Finney (2004), Reusable Proofs of Work (RPoW): Hal Finney, a computer scientist, and cypherpunk, built on HashCash proof-of-work and prototyped RPOW (Reusable Proofs of Work) [3]. RPoW purpose was token money.
Hal Finney used HashCash proof-of-work as a way of minting (creating) non-exchangeable tokens (POW tokens) and then signing them with an RSA digital signature to make them exchangeable (reusable) from person to person. The effect is similar to being able to pass hashcash tokens from hand to hand while retaining their value. Finney used a transparent server as a trusted third-party and solve the double-spending problem. RPoW was a pivotal moment in the history of PoW applied to cryptocurrencies.
Satoshi Nakamoto (2008): Proof-of-work was popularized by Bitcoin as a foundation for consensus in a peer-to-peer decentralized network.
Satoshi Nakamoto developed a consensus mechanism (called Nakamoto Consensus) to verify the authenticity of a blockchain network. Bitcoin was the first to use a HashCash proof-of-work (PoW) in a decentralized network for both mining (transaction verification) and achieving consensus (updating the ledger).
“We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by grouping them into a hash-based proof of work chain, forming a record that cannot be changed without redoing the proof of work.
The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they’ll generate the longest chain and outpace attackers.
Satoshi Nakamoto – Bitcoin: A Peer-to-Peer Electronic Cash System (2008) – Abstract
What is a Consensus Mechanism?
As we saw in “What is Blockchain? The Ultimate Guide”, one of the main problems of distributed systems is the Byzantine Generals’ Problem and its associated issue that arises as a result, the double-spending problem.
In other words, if there is no central authority, how and in what order are new pages (blocks of transactions) added to the ledger (blockchain)? Can we come to an agreement (consensus) in a distributed peer-to-peer network of computers (nodes)?
At its core, this is a trust issue. On the internet, how can we trust one another?
Before understanding what a consensus mechanism is, we must first define consensus in the context of cryptocurrencies.
What is Consensus?
The definition of consensus is an agreement made by a group. Consider a lovely family of two children, two parents, and two grandparents. Assume the wonderful grandma suggests vegetables for lunch. A consensus is reached when there is no dispute over a given meal decision. In the worst-case scenario (children and parents crying), the group will eventually split.
Unsolicited advice: Always trust your grandmother
In regards to blockchain, reaching consensus requires at least 51% of the nodes to agree on the next global state of the network.
What is a Consensus Mechanism?
A consensus mechanism (also known as consensus protocol or consensus algorithm) is a mechanism that allows participants (nodes) to coordinate and secure a distributed system. In the context of cryptocurrencies, to update the ledger (blockchain), the network must reach a “secure consensus” using an algorithm (rules).
The peculiarity of this system is that even if some players disagree (traitors in the Byzantine generals’ problem), the system should be able to achieve an agreement. In other words, it must be Byzantine Fault Tolerant.
Another important feature is that it must be resistant to 51% attacks. Consensus requires at least 51% of the nodes to agree; an attacker could compromise consensus by controlling 51% of the network. Consensus mechanisms are designed to prevent those 51% attacks and make them nearly impossible.
There are different approaches to solve this security problem such as Proof-of-Work (PoW), Proof of Stake (PoS), Delegated Proof of Stake (DPoS), Practical Byzantine Fault Tolerance (PBFT), Proof-of-elapsed-time (PoET), etc.
What is Proof-of-work (PoW)?
Proof-of-work (PoW) is commonly defined as a consensus mechanism that cryptocurrencies such as Bitcoin and Ethereum use to reach consensus in a distributed network. This is not 100% accurate, they are often referred to as such for simplicity (we plead guilty as well :)).
As you saw in the brief history of proof-of-work (PoW), proof-of-work was originally created to thwart email spam and deterred bad actors.
Technically, proof-of-work (PoW) by itself doesn’t get you agreement (consensus). Proof-of-work (PoW) is more accurately defined as a Sybil resistance mechanism that, in the context of cryptocurrencies, prevents (or deter) data manipulation by using a combination of cryptography (puzzles) and game theory (incentives) which makes following the rules profitable and cheating expensive.
Is it a combination of Sybil resistance (e.g., proof-of-work) and a chain selection rule that makes up a true consensus mechanism. That combination is known as Nakamoto Consensus. Nakamoto did not invent proof-of-work, but he did invent a chain selection rule and used it in conjunction with other technologies to achieve consensus in a distributed system. This is what makes blockchain revolutionary.
Nakamoto Consensus = Sybil Resistance (e.g., proof-of-work) + A chain selection rule applied on a Byzantine Fault Tolerance (BFT) peer-to-peer network.
- Sybil Resistance: Sybil attacks occur when a user or group pretends to be many users to gain control of the system. To keep a ledger (blockchain) secured, resistance to these types of attacks is crucial. This is achieved by putting something at a stake (resources) and rewarding (incentives) those equally based on the resources put in. Proof-of-work and proof-of-stake protect against sybil attacks by requiring users to use a large amount of computer energy (electricity) or put up a lot of collateral (stake). Nakamoto used Adam Back’s HashCash proof-of-work system to counter Sybil attacks, prevent double-spending and encourage honest nodes.
- A chain selection rule: Bitcoin, Ethereum and other proof-of-work altcoins use the “longest chain” rule. Miners “vote” with their computing power, but how can you tell if the chain you are on is the correct chain (ledger)? The one with the greatest number of computational votes (power) supported by the network is the valid one. This puzzle piece is the secret ingredient. It solves the problem of how the network agrees on a single truth, as well as why anyone should do much work. It even answers the question of how the cost of an attack increases with the network’s value. This was the true invention of Nakamoto.
- Byzantine Fault Tolerant Peer-to-peer network: This is a fancy way of saying that Nakamoto consensus should keep a distributed system fault-tolerant even when some participants disagree. To put it another way, the system must be secure.
How Proof-of-work (PoW) works
In “What is Blockchain? The Ultimate guide” we saw that miners must solve two cryptographic puzzles to verify and authenticate transactions:
- An Easy puzzle: Digital signature puzzle (asymmetric key function) to check the validity of the sender’s digital signature. For solving that puzzle, miners receive fees. This is easy to verify.
- A Hard puzzle: Proof-of-work puzzle (hash function). For the hard puzzle, miners get to update the ledger and receive cryptocurrency.
Both puzzles use cryptographic hash functions; the hard puzzle is known as proof-of-work, while the action used to compute that function is known as mining.
What is a Hash function?
A hash function is a mathematical function that converts any input of variable length into a fixed-length encrypted output. That unique character result is known as a hash, hash value, hash code, or digest. Hash functions have 4 key characteristics:
- One-way functions (irreversible): The output or hash cannot be used to find the input. Consider toothpaste: once it’s out you can’t put it back again.
- Deterministic: Given the same data input, the hashing algorithm will always produce a fixed-length string. For instance, Bitcoin uses SHA-256 hash function while Ethereum Keccak-256, in both cases, the string will always be 64 (256 bits) characters long.
- Avalanche type operation: If the data is slightly modified the hash will change completely.
- Easy to verify: If we already know a hash, and we apply a hash function to the same data, the hash will be identical, allowing us to validate that the data is the same (unaltered). This is really useful for “digital signatures.”
Examples of hash functions include MD2, RIPEMD, SHA, etc.
Not all hash functions involve the use of cryptography. The ones we’re interested in here are cryptographic hash functions, which are often used for verifying the integrity of message files, signature generation and verification, password verification, and security.
Cryptographic hash functions are critical in cryptocurrencies, from signature generation and verification (digital signatures) to smart contracts to updating the ledger (proof-of-work) and securing the blockchain.
Hash functions and Proof-of-Work
Proof-of-work is essentially a cryptographic puzzle (hash function) that miners must solve in order to update the ledger (blockchain). Miners need to provide an answer (proof) to a specific challenge (puzzle). If the answer is correct, they receive cryptocurrency.
Hash functions are often easy to compute. The crucial component of a proof-of-work hash function, however, is its asymmetry: the work (computation) must be difficult to compute yet simple to verify. Proof-of-work involves two parts:
- The prover: The prover needs to show that a certain amount of computational power has been expended.
- Verifiers: The verifies can easily confirm this expenditure.
Imagine your grandmother gives you a challenge: Complete this Rubik cube in 10 minutes max
What is Mining?
Mining is the process of calculating this proof-of-work (the hard hash function or puzzle). Mining entails using computers (e.g., ASICs) to run hashing algorithms to add the next block (page) to the blockchain (ledger). This is more like a lottery than a race, although the chances of finding the correct answer rise as processing power increases.
This is how it works:
- STEP 0: The proof-of-work network (e.g., Bitcoin, Ethereum) sets a level of “difficulty” or target hash; the lower the target, the fewer valid answers, and the more difficult the puzzle. In practice, the puzzle’s difficulty is determined by the number of leading zeros in the target hash. The more 0s there are, the more difficult it is to mine blocks. The goal is set so that a new block is mined (added to the ledger) on average every 10 minutes for Bitcoin and every 12 seconds for Ethereum.
- STEP 1: Miners present their candidate blocks and run guesses (nonce) to solve the puzzle and find a valid solution. Miners run the block contents through a hash function (SHA-256 for Bitcoin, Keccak-256 for Ethereum) that generates only one hash.
- STEP 2: To solve the puzzle and add a new block to the ledger (blockchain), the result has to be smaller than the target hash. The result must begin with a string of leading zeros set by the target hash (e.g., 16 zeros). The miner who finds the solution, the key that allows the new block to be chained to the previous one, gets rewarded with cryptocurrency (currently, the block reward is 6.25 BTC for Bitcoin and 4 ETH for Ethereum).
- STEP 3: The peer-to-peer network updates its ledger copy. When participants (nodes) hear two distinct blockchains with contradictory transaction histories, they default to the longest, the one with the most work put into it. The network applies the “longest chain rule” to reach consensus.
If all of this sounds confusing, don’t worry; you don’t need to understand it to use or invest in cryptocurrency. What you need to remember is that miners try to guess the answer to the puzzle by trial and error. The answer is like a key that allows chaining the new block (page) to the previous block, resulting in a chain of blocks (Blockchain), and whoever finds it gets rewarded with cryptocurrency.
Once the key (proof) is found, the miner will distribute it throughout the network in order for their copies of the ledger to be updated. If there is any conflicting information, the network will ensure that the chain with the most computing power is the only valid one.
Because the blocks are chained, every little change in the data invalidates the prior blocks and raises the alarms. If someone wants to take over the system, he must be faster than the other miners and have at least 51% of the total computer power. The likelihood of this occurring is close to none. Furthermore, the financial costs would considerably outweigh the benefits, acting as an effective economic deterrent or Sybil resistance mechanism.
3. Proof-of-work vs Proof-of-Stake (PoS)
Proof-of-work (coupled with the longest chain rule) was the first “consensus mechanism” for preventing double-spending, and it continues to be the dominant one to this day. It has proven to be the most reliable and secure to date.
However, one of the primary drawbacks of PoW is that it is slow and energy-intensive. The system is deliberately slow to prevent actors from gaming the system; this provides greater robustness (security) at the sacrifice of efficiency (transactions per second). Furthermore, a significant amount of energy (electricity) is wasted during the hashing (guessing) process, equivalent to countries such as Ireland, Denmark, or Austria in the case of Bitcoin. This is in direct opposition to the green revolution (reducing carbon footprint).
To solve this problem most of the new generation of altcoins and even Ethereum are switching to a most energy-efficient and scalable solution, such as Proof-of-Stake (PoS).
Proof-of-Stake (PoS)
The Proof-of-Stake “consensus mechanism” is an alternative way of reaching consensus in the blockchain network. Instead of miners and hashes, the proof of stake system employs validators who, rather than investing computer power, invest a certain amount of money (stake). The more coins you stake, the more likely you are to be chosen as the next validator.
Another significant difference is that Proof-of-Stake (PoS) uses active punishments, such as removing your stake if you do not act honestly. This provides validators with a financial incentive to follow the rules.
If you want to learn more about Proof-of-Stake (PoS) we have written “What is Proof-of-Stake (PoS)? Basic Staking Guide.”
The type of consensus required depends upon the needs of the network. Both “consensus mechanisms” have their share of pros and cons.
4. FAQs
PoW vs PoS: Which is Better Consensus Algorithm?
There is no superior consensus mechanism; it is entirely dependent on the requirements of a cryptocurrency network.
PoW is a better solution for security, robustness, fraud prevention, and trust-building in a network. Proof-of-work has a longer track record and has proved to be extremely reliable in securing the history of transactions (blockchain) while increasing the difficulty of changing data over time.
PoS is used when high transaction speed for on-chain transactions and network transfer settlement is required. It is more scalable than PoW.
Aside from PoW and PoS, there are a variety of alternative “consensus mechanisms” that overcome some of the drawbacks of those, such as Delegated Proof of Stake (DPoS), Proof-of-Authority (PoA), Proof-of-Burn (PoB), Proof-of-Capacity (PoC), and so on.
Who pays the miners’ reward?
Miners include a custom transaction in the “candidate block” that they want to mine (hash). In that custom transaction, they send themselves the block reward. This transaction is known as the coinbase transaction. If the hash is valid, the transaction will be approved and new coins will be added to the network. Currently, the Bitcoin reward is 6.25 BTC while Ethereum reward is 4 ETH.