Proof-of-Work

In order to achieve consensus among peers in the Bitcoin network, Bitcoin relies on the synchronous communication assumption along with a hash-based PoW concept. Here, peers have to prove that they have expended a certain amount of computations; peers that perform the proof-of-work are commonly referred to as miners. The more hashes a miner can perform, the more likely the miner is able to find a block, thus the ability to find blocks is proportional to the miner's hashing power. Bitcoin's particular proof-of-work mechanism is to require the double SHA256-hash of the block header content. The difficulty of the mining process is adjusted dynamically in order to meet an average block generation time of 10 minutes.

More specifically, to generate a block, miners must find a nonce value that, when hashed with additional fields (i.e., the Merkle hash of all valid and received

An example of a fork in the blockchain; gray blocks are called orphan blocks

Figure 3.6 An example of a fork in the blockchain; gray blocks are called orphan blocks.

Table 3.5

Example of The Header of Block in 364082 Bitcoin

Hash: 00000000000000000bcd79fd8739a43205f4286e68a4d7bd3a83bcb0c7158d99

Previous block: 000000000000000009a4f7f94f2e7fc81e64182b0e2540b3cc91c89076f3da5b

Time: 2015-07-06 08:39:20

Difficulty: 49,402,014,931.23

Transactions: 436

Total BTC: 1,081.04970944 BTC

Size: 244.1259765625 KB

Merkleroot: 2ade89c464e2f46e393a292e474d391f6055d8f19486a98930775b8926f43934

Nonce: 1386491545

transactions, the hash of the previous block, and a time stamp), the result is below a given target value. If such a nonce is found, miners then include it (as well as the additional fields) in a new block, thus allowing any entity to verify the PoW. Upon successfully generating a block, a miner is granted a number of BTCs (currently

12.5 BTCs). These BTCs are awarded by means of a coinbase transaction that transfers the generated BTCs onto a newly created Bitcoin address controlled by the miner. These mechanisms offer a strong incentive for miners to commit their computational resources in order to support the Bitcoin system and continuously confirm transactions. An example of a Bitcoin block is shown in Tables 3.5 and 3.6.

Note that Bitcoin adopts a limited supply strategy. That is, Bitcoin defines the rate at which currency will be generated. For example, in 2009, each miner

Table 3.6

Block 364082 in the Main Blockchain.2

Tx Hash

69f45d539f9d2744116c43a4fd157d54b11f092248db2cfe0db36baccd6d3fe5

Source & Amount

Generation

Recipient & Amount Tx Hash

1KFHE7w8BhaENAswwryaoccDb6qcT6DbYY: 25.06175045 BTC

Source & Amount

Recipient & Amount Tx Hash

3ad5d3f813168ac2246c3e80ff6d9279023c30a661a41e1fa522e82dce608d03

Source & Amount Recipient & Amount Tx Hash

16C1bgMsxPyfJVDPkv367ajXjgpjkiUxUA:0.23689801 BTC 1Gz9aQkk61r5VSD1WvnoyVgSfFafcziD8N:0.23689801 BTC 69a9421b77e2ec609b98adadd29da98dc1fa4d16e2fc75acd6637ddf7bbc069a

Source & Amount Recipient & Amount Tx Hash

Source & Amount Recipient & Amount

1FxddVRcF7tttvwc1cyaLUUeosXSoiMVFE:0.74550674BTC 1CdV9rovEYUJkGEkejWY5MbmqPSTy1E4Rk :0.74550674 BTC

was awarded 50 new BTCs upon generating a Bitcoin block. This amount is halved approximately every 4 years until the generation of BTCs in the system depletes.

Once a block is generated, it is broadcast in the entire network. Any entity that receives the block can verify the correctness of the PoW by computing the hash over the announced block fields, checking the correctness of the transactions included within, and verifying that it is below the target difficulty. Note that the Bitcoin network has a global block difficulty, which is updated every 2016 blocks. In essence, the difficulty is adjusted depending on the generation time of the last 2016 blocks in the network. That is, if the last 2016 blocks took more than 14 days of time to compute (i.e., more than 10 minutes on average), then the difficulty is reduced. Otherwise, if they took less than 14 days of computation, then the network difficulty is increased.

To generate a block, miners work on constructing a PoW. In particular, given the set of transactions that have been announced since the last block's generation, and the hash of the last block, Bitcoin miners need to find a nonce such that:

2 The block contains a total of 436 transactions; here, we only show 3 transactions confirmed in the block.

where SHAd256 is the SHA-256 algorithm applied twice, Bl; denotes the last generated block, MR(x) denotes the root of the Merkle tree with elements x, TRi || ... || TRn is a set of transactions that have been chosen by the miners to be included in the block,[1] No is the 32-bit nonce, and target is a 256-bit number. To generate the PoW, each miner chooses a particular subset of the candidate solutions’ space and performs a brute-force search. It is apparent that the bigger the target is, the easier it is to find a nonce that satisfies the PoW.

The resulting block is forwarded to all peers in the network who can then check its correctness by verifying the hash computation. If the block is deemed to be valid,[2] then the peers append it to their previously accepted blocks. Since each block links to the previously generated block, the Bitcoin blockchain grows upon the generation of a new block in the network. As mentioned earlier, when miners do not share the same view in the network (e.g., due to network partitioning), they might work on different blockchains, thus resulting in forks in the blockchain. Block forks are inherently resolved by the Bitcoin system; the longest blockchain will eventually prevail. Transactions that do not appear in blocks that are part of the main blockchain (i.e., the longest) will be readded to the pool of transactions in the system and reconfirmed in subsequent blocks.

Currently, in the Bitcoin system, a transaction can be redeemed by the payee if it has received at least six confirmations; that is, there are five new blocks that build on the block which confirms it. This mechanism offers an inherent protection against double-spending attacks since it is computationally infeasible for an adversary to change the history of a transaction that has been confirmed by six blocks in the system. This process is exemplified in Figure 3.7.

  • [1] These transactions are chosen from the transactions that have been announced (and not yet confirmed) since Bl;’s generation.
  • [2] That is, the block contains correctly formed transactions that have not been previously spent andhave a correct PoW.
 
Source
< Prev   CONTENTS   Source   Next >