Proof-of-Work is the consensus algorithm used in the Bitcoin protocol. However, Proof-of-Work has been a concept in the making since the early 90s. In 1993, we were introduced to the Proof-of-Work system by Cynthia Dwork and Moni Naor. Later, we saw Adam Back’s ‘Hashcash’ (1997) use a Proof-of-Work system and utilize the SHA1 hashfunction as a way of deterring spamming efforts on things like forum boards or e-mail servers. Today, we have Bitcoin a decentralized digital cash which uses a SHA256 hash function.
My goal in this writing is to dive deeper into the Proof-of-Work system and discuss it’s incorporation of hash functions like SHA1 or SHA256 and how these concepts are being used in Bitcoin today.
Hash functions
Before diving into Proof-of-Work, it’s important to understand how hash functions work. There’s a number of different hash functions such as SHA1, SHA256, MD5*, etc. Each of these hash functions can be used for different purposes depending on what is being built with them and the desired size of the output or hash.
*MD5, these days, is considered insecure and isn’t a hash function regularly used anymore.
The SHA256 algorithm takes any input or data set and scrambles it into a fixed size of 256 bits or 32 bytes (vs. SHA1 160 bits). The scrambled output/digest received is a ‘hash’ which essentially serves as a fingerprint which can be used to verify a data set. When inputting a string of text into a hash function, the output received is seemingly random — however, the algorithm is deterministic — meaning a specific input will always result in the same output. For example, hashing the word “Hello” using SHA256 will always result in a hash of “185F8DB322…7D17648263”. Often times, mostly in the case of password storage, a ‘salt’ or an arbitrary addition to the input is added to the string of text before being hashed — this is to further increase the security of a string before hashing it (i.e. “1H2el3lo” with the salt being ‘123’). The slightest difference in an input, such as case sensitivity, will result in a completely different hash with no clear similarities.
You can test this out with any string of text you’d like using a simple generator such as: https://www.freeformatter.com/sha256-generator.html
It’s important to note that hashing an input is not necessarily a method of encryption and the hash cannot be ‘reversed’ or decrypted to find the original input. However, a hash value could be bruteforced to find the input or original string of text which results in a specific digest.
Proof of Work
In 1993, Cynthia Dwork and Moni Naor published a paper titled “Pricing via Processing or Combatting Junk Mail”. In this paper, they proposed a way of tackling the problem of junk e-mail from a computational standpoint without adding notable additional costs to legitimate users.
In the case of PoW systems being used in e-mail, you can compare the PoW protocol to a postage stamp used in regular mail. However, instead of purchasing a stamp to attach to your e-mail, the PoW system uses your computational power to solve a ‘challenge string’. If a spammer wanted to send hundreds of thousands of emails, it would require a substantial amount of computing power in order to provide solutions to each challenge string. Thus increasing costs and/or resources required to do so. This effectively prevents spammers from sending out e-mails on a massive scale. Similarly, PoW systems can be used to prevent DoS attacks; before being allowed access to a service, you’re often required to solve one of these challenge strings.
As an example, your computer would be presented with a challenge string, and your computer’s proof/response along with the challenge string when placed through a hash function would be required to provide a hash that begins with a specific # of 0s (i.e. a hash of “0000000000xxx…”). The prover in a PoW scheme essentially bruteforces the challenge string with numerous responses until a hash with the required # of 0s is produced. Once the required hash is produced by the prover, the actions are permitted. If you wanted to scale the difficulty of this computation, you could adjust the required number of 0s required in the beginning of the output. As you can imagine, completing these computations on a large scale would require vast amounts of computing power.
The Proof of Work system, outside of usage in blockchain technology, is useful due to it’s ability to throttle and deter bad actors from flooding a network — whether it be sending mass amounts of spam e-mail or DoS attacking a server.
Bitcoin & PoW
In Bitcoin, we see an implementation of the PoW system to tackle the issue of double spending — An unsolved issue in today’s legacy payment networks.
Proof of Work, combined with a little game theory, incentivizes honest actors to participate in the Bitcoin network. Each time a new block is produced, miners on the network are presented with a challenge string. From there, each miner on the network bruteforces the challenge string in order to find the fitting proof string. Once a solution is found and confirmed, a transaction is allowed to be processed and broadcast to the network.
The PoW system also preserves the decentralization/peer to peer nature of a blockchain. There is no central authority which can roll back a transaction and/or force a transaction to go through. The only way this would be possible would be by obtaining 51% of the hashpower, something which is essentially unfeasible. It is in a network participant’s best interest to remain honest due to the reward structure Bitcoin provides to miners. Each time a block is mined, a block reward is given to the miner who found the solution. The difficulty to mine blocks is determined by the number of network participants. The more people attempting to solve the challenge string, the less chance an existing miner has to mine the block. This creates value in the underlying asset — as it, on average, costs more to ‘create’ a bitcoin as the total hashpower of the network increases.
