dilemma: without a central authority affirming the identity of those validating the ledger, a fraudulent validator could secretly distort the consensus by creating multiple computing nodes under different aliases. (Think of all those fake Twitter aliases for a sense of how easy this is.) By replicating themselves, they could cast more than 50 percent of the votes and get their own false, “double-spent” transactions inserted into the shared record. This could be resolved by some authority identifying and authorizing each computer user, but that would just take things back to square one. It breached the Cypherpunks’ ideals of “permissionlessness” and censorship resistance.
Satoshi Nakamoto’s ingenious solution lay in a mix of carrot-and-stick incentives that encouraged those who were validating transactions to do so honestly. Any computer anywhere could participate in validation work, and, in fact, would be incentivized to do so with a lottery-like system of bitcoin rewards. These would be paid out every ten minutes, whenever one of those computers successfully added a new batch, or “block,” of freshly validated transactions to the blockchain ledger. (These computers are known as “miners,” because in seeking to win the ten-minute payout, they engage in a kind of computational treasure hunt for digital gold. At the time of writing, the ten-minute “block reward” was equal to 12.5 bitcoins—around $125,000—issued automatically by the decentralized software protocol to the winning miner. Miners also pick up transaction fees, which we’ll get into later.)
Now, since it’s a permissionless system, anyone could up their chance of winning the randomly assigned bitcoin reward lottery by adding more computing nodes to the network. So Nakamoto needed a non-centralized way to prevent a rogue miner from taking over more than 50 percent of the computing power. He achieved this by requiring every single competing computer to conduct an exercise called “proof of work”: a difficult mathematical puzzle that requires heavy computation to find just one number within a mountainous digital haystack of other numbers.
Proof of work is expensive, because it chews up both electricity and processing power. That means that if a miner wants to seize majority control of the consensus system by adding more computing power, they would have to spend a lot of money doing so. Because of features such as a “difficulty adjustment,” which makes the proof-of-work puzzle ever harder as overall network-wide computing power increases, Nakamoto’s proof-of-work system ensures that the costs of a so-called 51 percent attack grow exponentially as an attacker gets closer to that consensus-controlling threshold. Double-spending and fraud are not illegal in Bitcoin; in other words, they are just “taxed” to such a degree that it’s prohibitively expensive. At the time of writing, the GoBitcoin.io site was estimating that a 51 percent attack would require an outlay on hardware and electricity costs of $2.2 billion.
Over time, bitcoin mining has evolved into an industrial undertaking, with gigantic mining “farms” now dominating the network. Might those big players collude and undermine the ledger by combining resources? Perhaps, but there are also overwhelming disincentives for doing so. Among other considerations, a successful attack would significantly undermine the value of all the bitcoins the attacking miner owns. Either way, no one has managed to attack Bitcoin’s ledger in nine years. That unbroken record continues to reinforce belief in Bitcoin’s cost-and-incentive security system.
If we view the bitcoin currency from this angle—and not merely as it is popularly portrayed, as a strange new digital unit of value that some geeky guys think is a good alternative to dollars, euros, or yen—we can build a conceptual framework for understanding the wider implications of Satoshi’s invention. The currency, bitcoin (lowercase “b”), is first and foremost a store of value that rewards people for securing Bitcoin (uppercase “B”), the system. That, and not the hope that it will become an everyday medium of exchange, is its primary purpose. Without its existence as an incentive for computer owners to honestly validate exchanges of valuable information, Satoshi’s censorship-resistant distributed ledger simply wouldn’t work.
Of course, for this all to tie together, the miners must regard bitcoin currency as having value—they must believe they’ll be able to exchange it for other things of established value, be they goods and services or fiat currencies such as dollars. Fully exploring how they, and millions of others, came to conclude that bitcoins did have value requires a deeper dive into how human communities reach agreements on what constitutes a common medium of exchange, store of value, and unit of account—the three qualities of money. (For that dive, we again will shamelessly recommend The Age of Cryptocurrency.) What we can say is that, contrary to popular opinion, a currency need not be backed by anything, be it the commitment of a government or a fixed amount of commodity such as gold, only that it be sufficiently recognized as a useful means of measuring and clearing exchanges of value. This might seem counterintuitive because we tend to think of money as a physical thing that somehow contains value within the particular item—the paper note, or the gold coin. But in reality currencies only convey a symbolic tokenized value, one that’s derived solely from the collective will of society to commonly accept the token as a marker of that value. This same malleability of thinking can be applied to any token, so long as enough people accept it. That’s what happened to bitcoin.
The structure of the ledger is also important for keeping Bitcoin secure. Nakamoto conceived of his as an ever-growing, unbroken chain of blocks, each representing a batch of transactions strung together and validated within a ten-minute bitcoin reward period. Hence the word that’s now on every CIO’s lips: “blockchain.” (Notably, the term “blockchain” never appeared in the original Bitcoin white paper—a good argument for why Bitcoin should have no exclusive claim to the term.)
Within each block period, every miner that’s engaged in the proof-of-work race for the next bitcoin reward is simultaneously gathering new incoming transactions and arranging them into their own new block. The details of each transaction—date, time, addresses of senders and recipients, the amounts sent, etc.—are captured and run through a special cryptographic algorithm to produce an alphanumeric string known as a hash. A hashing algorithm can convert any arbitrary amount of original source data into a single, fixed-length string of letters and numbers, providing a means of mathematically proving the existence of that underlying information. Anyone in possession of the transaction information can easily run it through the same hashing algorithm to confirm that whoever made the original hash must be in possession of the same data.
A key feature of hashes is that they are hypersensitive to changes in the underlying data. Here’s one we generated from the previous paragraph’s raw text by running it through the highly secure SHA-256 algorithm that Bitcoin uses:
63f48074e26b1dcd6ec26be74b35e49bd31a36f849033bdee4194b6be8505fd9
Now, note that when we simply remove the last period from that paragraph of text, the algorithm came back with a completely different alphanumeric string:
8f5967a42c6dc39757c2e6be4368c6c5f06647cc3c73d3aa2c0abdec3c6007a5
If you think about this in terms of someone trying to secretly change transaction data, you can see how this hypersensitivity is vital to the blockchain’s integrity. If anyone tries to introduce changes to existing transactions, other miners will clearly recognize that the new hash output doesn’t match what they have in their versions of the blockchain. So they will reject it.
Bitcoin also takes advantage of the fact that it’s possible to take two hashes, combine them, and produce a root hash that encapsulates the two separate data proofs. This process can be repeated ad infinitum, creating hashes of hashes of hashes in a hierarchical structure known as a Merkle Tree. This is how transactions within each block are bundled and cryptographically tied together.
Bitcoin then takes this linking function one step further. Through another cryptographic hashing function, the winning miner ties their newly created block to the previous one. This turns the entire blockchain into a never-ending, mathematically linked chain of hashed transactions that goes all the way back to the “Genesis” block of January 3, 2009. Make a change to a transaction from January 15, 2011, and the blockchain’s interlinked hash-based record of all the data recorded in the subsequent seven years will be completely altered. It’s a bit like how banks use exploding dye to protect banknotes: any thief who tries to