Introduction
Proof of Work (commonly abbreviated to PoW) is a mechanism for preventing double-spends. Most major cryptocurrencies use this as their consensus algorithm. Thatâs just what we call a method for securing the cryptocurrencyâs ledger.
Proof of Work was the first consensus algorithm to surface, and, to date, remains the dominant one. It was introduced by Satoshi Nakamoto in the 2008 Bitcoin white paper, but the technology itself was conceived long before then.Â
Adam Backâs HashCash is an early example of a Proof of Work algorithm in the pre-cryptocurrency days. By requiring senders to perform a small amount of computing before sending an email, receivers could mitigate spam. This computation would cost virtually nothing to a legitimate sender, but quickly add up for someone sending emails en masse.
What is a double-spend?
A double-spend occurs when the same funds are spent more than once. The term is used almost exclusively in the context of digital money â after all, youâd have a hard time spending the same physical cash twice. When you pay for a coffee today, you hand cash over to a cashier who probably locks it in a register. You canât go to the coffee shop across the road and pay for another coffee with the same bill.
In digital cash schemes, thereâs the possibility that you could. Youâve surely duplicated a computer file before â you just copy and paste it. You can email the same file to ten, twenty, fifty people.Â
Since digital money is just data, you need to prevent people from copying and spending the same units in different places. Otherwise, your currency will collapse in no time.Â
For a more in-depth look at double-spending, check out Double Spending Explained.
Why is Proof of Work necessary?
If youâve read our guide to blockchain technology, youâll know that users broadcast transactions to the network. Those transactions arenât immediately considered valid, though. That only happens when they get added to the blockchain.Â
The blockchain is a big database that every user can see, so they can check if funds have been spent before. Picture it like this: you and three friends have a notepad. Anytime one of you wants to make a transfer of whatever units youâre using, you write it down â Alice pays Bob five units, Bob pays Carol two units, etc.
Thereâs another intricacy here â each time you make a transaction, you refer to the transaction where the funds came from. So, if Bob was paying Carol with two units, the entry would actually look like the following: Bob pays Carol two units from this earlier transaction with Alice.
Now, we have a way to track the units. If Bob tries to make another transaction using the same units he just sent to Carol, everyone will know immediately. The group wonât allow the transaction to be added to the notepad.
Now, this might work well in a small group. Everyone knows each other, so theyâll probably agree on which of the friends should add transactions to the notepad. What if we want a group of 10,000 participants? The notepad idea doesnât scale well, because nobody wants to trust a stranger to manage it.
This is where Proof of Work comes in. It ensures that users arenât spending money that they donât have the right to spend. By using a combination of game theory and cryptography, a PoW algorithm enables anyone to update the blockchain according to the rules of the system.
How does PoW work?
Our notepad above is the blockchain. But we donât add transactions one by one â instead, we lump them into blocks. We announce the transactions to the network, then users creating a block will include them in a candidate block. The transactions will only be considered valid once their candidate block becomes a confirmed block, meaning that it has been added to the blockchain.
Appending a block isnât cheap, however. Proof of Work requires that a miner (the user creating the block) uses up some of their own resources for the privilege. That resource is computing power, which is used to hash the blockâs data until a solution to a puzzle is found.
Hashing the blockâs data means that you pass it through a hashing function to generate a block hash. The block hash works like a âfingerprintâ â itâs an identity for your input data and is unique to each block.
Itâs virtually impossible to reverse a block hash to get the input data. Knowing an input, however, itâs trivial for you to confirm that the hash is correct. You just have to submit the input through the function and check if the output is the same.
In Proof of Work, you must provide data whose hash matches certain conditions. But you donât know how to get there. Your only option is to pass your data through a hash function and to check if it matches the conditions. If it doesnât, youâll have to change your data slightly to get a different hash. Changing even one character in your data will result in a totally different result, so thereâs no way of predicting what an output might be.
As a result, if you want to create a block, youâre playing a guessing game. You typically take information on all of the transactions that you want to add and some other important data, then hash it all together. But since your dataset wonât change, you need to add a piece of information that is variable. Otherwise, you would always get the same hash as output. This variable data is what we call a nonce. Itâs a number that youâll change with every attempt, so youâre getting a different hash every time. And this is what we call mining.
Summing up, mining is the process of gathering blockchain data and hashing it along with a nonce until you find a particular hash. If you find a hash that satisfies the conditions set out by the protocol, you get the right to broadcast the new block to the network. At this point, the other participants of the network update their blockchains to include the new block.
For major cryptocurrencies today, the conditions are incredibly challenging to satisfy. The higher the hash rate on the network, the more difficult it is to find a valid hash. This is done to ensure that blocks arenât found too quickly.
As you can imagine, trying to guess massive amounts of hashes can be costly on your computer. Youâre wasting computational cycles and electricity. But the protocol will reward you with cryptocurrency if you find a valid hash.
Letâs recap what we know so far:
Itâs expensive for you to mine.
Youâre rewarded if you produce a valid block.
Knowing an input, a user can easily check its hash â non-mining users can verify that a block is valid without expending much computational power.
So far, so good. But what if you try to cheat? Whatâs to stop you from putting a bunch of fraudulent transactions into the block and producing a valid hash?
Thatâs where public-key cryptography comes in. We wonât go into depth in this article, but check out What is Public-Key Cryptography? for a comprehensive look at it. In short, we use some neat cryptographic tricks that allow any user to verify whether someone has a right to move the funds theyâre attempting to spend.
When you create a transaction, you sign it. Anyone on the network can compare your signature with your public key, and check whether they match. Theyâll also check if you can actually spend your funds and that the sum of your inputs is higher than the sum of your outputs (i.e., that youâre not spending more than you have).
Any block that includes an invalid transaction will be automatically rejected by the network. Itâs expensive for you to even attempt to cheat. Youâll waste your own resources without any reward.
Therein lies the beauty of Proof of Work: it makes it expensive to cheat, but profitable to act honestly. Any rational miner will be seeking ROI, so they can be expected to behave in a way that guarantees revenue.
Looking to get started with cryptocurrency? Buy Bitcoin on Binance!
Proof of Work vs. Proof of Stake
There are many consensus algorithms, but one of the most highly-anticipated ones is Proof of Stake (PoS). The concept dates back to 2011, and has been implemented in some smaller protocols. But it has yet to see adoption in any of the big blockchains.
In Proof of Stake systems, miners are replaced with validators. Thereâs no mining involved and no race to guess hashes. Instead, users are randomly selected â if theyâre picked, they must propose (or âforgeâ) a block. If the block is valid, theyâll receive a reward made up of the fees from the blockâs transactions.
Not just any user can be selected, though â the protocol chooses them based on a number of factors. To be eligible, participants must lock up a stake, which is a predetermined amount of the blockchainâs native currency. The stake works like bail: just as defendants put up a large sum of money to disincentivize them from skipping trial, validators lock up a stake to disincentivize cheating. If they act dishonestly, their stake (or a portion of it) will be taken.
Proof of Stake does have some benefits over Proof of Work. The most notable one is the smaller carbon footprint â since thereâs no need for high-powered mining farms in PoS, the electricity consumed is only a fraction of that consumed in PoW.Â
That said, it has nowhere near the track record of PoW. Although it could be perceived as wasteful, mining is the only consensus algorithm thatâs proven itself at scale. In just over a decade, it has secured trillions of dollars worth of transactions. To say with certainty whether PoS can rival its security, staking needs to be properly tested in the wild.Â
Closing thoughts
Proof of Work was the original solution to the double-spend problem and has proven to be reliable and secure. Bitcoin proved that we donât need centralized entities to prevent the same funds from being spent twice. With clever use of cryptography, hash functions, and game theory, participants in a decentralized environment can agree on the state of a financial database.