Bitcoin: A Peer-to-Peer Electronic Cash System
4. Proof-of-Work
To implement a distributed timestamp server on a peer-to-peer basis, we will need to use a proof-of-work system similar to Adam Back's Hashcash, rather than newspaper or Usenet posts. The proof-of-work involves scanning for a value that when hashed, such as with SHA-256, the hash begins with a number of zero bits. The average work required is exponential in the number of zero bits required and can be verified by executing a single hash.
For our timestamp network, we implement the proof-of-work by incrementing a nonce in the block until a value is found that gives the block's hash the required zero bits. Once the CPU effort has been expended to make it satisfy the proof-of-work, the block cannot be changed without redoing the work. As later blocks are chained after it, the work to change the block would include redoing all the blocks after it.
The proof-of-work also solves the problem of determining representation in majority decision making. If the majority were based on one-IP-address-one-vote, it could be subverted by anyone able to allocate many IPs. Proof-of-work is essentially one-CPU-one-vote. The majority decision is represented by the longest chain, which has the greatest proof-of-work effort invested in it.
💡 Key Concepts
⛏️ Proof-of-Work
A computational puzzle that requires significant CPU power to solve but is easy to verify. This secures the network by making attacks computationally expensive.
🎲 Nonce
A random number that miners change repeatedly until they find a hash that meets the difficulty requirement. Short for 'number used once'.
🔗 Longest Chain Rule
The chain with the most cumulative proof-of-work is considered the valid one. This prevents malicious actors from rewriting history.
🖥️ One-CPU-One-Vote
Voting power is proportional to computational power, not number of nodes. This prevents Sybil attacks where one entity creates many fake identities.
⚡ Exponential Difficulty
The work required increases exponentially with the number of leading zeros required. This makes the blockchain extremely secure against attacks.