How does proof of work inspire trust when the work is just guessing?
I'm struggling to understand the value added by machines guessing at inputs to create a hash below a target value in order to produce a proof of work. I understand the proof of work is somehow supposed to inspire trust in the distributed record of transactions. How? Why should someone winning a lottery cause me to have trust in a blockchain?
proof-of-work
New contributor
add a comment |
I'm struggling to understand the value added by machines guessing at inputs to create a hash below a target value in order to produce a proof of work. I understand the proof of work is somehow supposed to inspire trust in the distributed record of transactions. How? Why should someone winning a lottery cause me to have trust in a blockchain?
proof-of-work
New contributor
add a comment |
I'm struggling to understand the value added by machines guessing at inputs to create a hash below a target value in order to produce a proof of work. I understand the proof of work is somehow supposed to inspire trust in the distributed record of transactions. How? Why should someone winning a lottery cause me to have trust in a blockchain?
proof-of-work
New contributor
I'm struggling to understand the value added by machines guessing at inputs to create a hash below a target value in order to produce a proof of work. I understand the proof of work is somehow supposed to inspire trust in the distributed record of transactions. How? Why should someone winning a lottery cause me to have trust in a blockchain?
proof-of-work
proof-of-work
New contributor
New contributor
New contributor
asked 1 hour ago
mrwnt10mrwnt10
82
82
New contributor
New contributor
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Forget PoW for a second: lets instead imagine that you have a box, and you've placed a lock on it, in order to secure it's contents.
Now, if someone asks you how secure the contents are, then the size and type of lock is fairly important. Tying the box closed with a bit of string isn't very good security, at least compared to a heavy-duty padlock. For an attacker to get into the box and alter it's contents, they will need to work much harder to get past the padlock, compared to the string. We can use the word 'work' here in the thermodynamic sense: energy being used to perform an action. In order to break into the box, there is a minimum amount of work we would expect the assailant to have done. The minimum amount of work to break the padlock is obviously higher than the string, so we consider the padlock more secure.
Keep that point in mind: breaking into a more secure box requires more work. You cannot fake the work, you either have the resources to cut the lock, or not.
So lets go back to Bitcoin mining: when a miner is hashing to find a valid PoW, they are doing work by expending energy as computational cycles. The PoW function is devised such that we can expect a certain amount of work to be done (on average), in order for the miner to find a valid block. You can think of this PoW as the 'lock' that has been put on the block: in order for an attacker to alter the history of transactions, they will have to perform (on average) this same amount of work (spending energy, a real resource) in order to replace the block (thus 'breaking the lock', as in our example from above).
Thus, the history of transactions is secured by miners spending energy to create the PoW that is required for a block to be valid. More energy spent mining creates a 'more secure lock', since a malicious miner would have to spent an equal amount of energy in order to break it. Miners are incentivized to continue building upon old blocks, thus piling one lock on top of another lock, on top of another lock... and it is this mechanism which allows the history of Bitcoin transactions to be considered secure.
add a comment |
It is because of the nature of the hashing algorithms and one-way functions in general. The amount of work to get an input that hashes below a certain value is directly related to how low that value is.
This is because there is no known way to reverse calculate the input of SHA256 that will result in a valid hash. The work is basically the number of guesses, on average, that it will take to get a valid hash at a given difficulty. While it is true that it is random chance to get a valid hash, the probability decreases with a lower value, so more work must be done (on average). It's important to think of it in terms of probabilities and average number of attempts required.
It inspires trust because in order to reverse the transactions, one must redo the work (or execute the same number of guesses - on average) in order for replacement blocks to be accepted in place of blocks in the existing chain. This is called a 51% attack.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "308"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
mrwnt10 is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f83951%2fhow-does-proof-of-work-inspire-trust-when-the-work-is-just-guessing%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Forget PoW for a second: lets instead imagine that you have a box, and you've placed a lock on it, in order to secure it's contents.
Now, if someone asks you how secure the contents are, then the size and type of lock is fairly important. Tying the box closed with a bit of string isn't very good security, at least compared to a heavy-duty padlock. For an attacker to get into the box and alter it's contents, they will need to work much harder to get past the padlock, compared to the string. We can use the word 'work' here in the thermodynamic sense: energy being used to perform an action. In order to break into the box, there is a minimum amount of work we would expect the assailant to have done. The minimum amount of work to break the padlock is obviously higher than the string, so we consider the padlock more secure.
Keep that point in mind: breaking into a more secure box requires more work. You cannot fake the work, you either have the resources to cut the lock, or not.
So lets go back to Bitcoin mining: when a miner is hashing to find a valid PoW, they are doing work by expending energy as computational cycles. The PoW function is devised such that we can expect a certain amount of work to be done (on average), in order for the miner to find a valid block. You can think of this PoW as the 'lock' that has been put on the block: in order for an attacker to alter the history of transactions, they will have to perform (on average) this same amount of work (spending energy, a real resource) in order to replace the block (thus 'breaking the lock', as in our example from above).
Thus, the history of transactions is secured by miners spending energy to create the PoW that is required for a block to be valid. More energy spent mining creates a 'more secure lock', since a malicious miner would have to spent an equal amount of energy in order to break it. Miners are incentivized to continue building upon old blocks, thus piling one lock on top of another lock, on top of another lock... and it is this mechanism which allows the history of Bitcoin transactions to be considered secure.
add a comment |
Forget PoW for a second: lets instead imagine that you have a box, and you've placed a lock on it, in order to secure it's contents.
Now, if someone asks you how secure the contents are, then the size and type of lock is fairly important. Tying the box closed with a bit of string isn't very good security, at least compared to a heavy-duty padlock. For an attacker to get into the box and alter it's contents, they will need to work much harder to get past the padlock, compared to the string. We can use the word 'work' here in the thermodynamic sense: energy being used to perform an action. In order to break into the box, there is a minimum amount of work we would expect the assailant to have done. The minimum amount of work to break the padlock is obviously higher than the string, so we consider the padlock more secure.
Keep that point in mind: breaking into a more secure box requires more work. You cannot fake the work, you either have the resources to cut the lock, or not.
So lets go back to Bitcoin mining: when a miner is hashing to find a valid PoW, they are doing work by expending energy as computational cycles. The PoW function is devised such that we can expect a certain amount of work to be done (on average), in order for the miner to find a valid block. You can think of this PoW as the 'lock' that has been put on the block: in order for an attacker to alter the history of transactions, they will have to perform (on average) this same amount of work (spending energy, a real resource) in order to replace the block (thus 'breaking the lock', as in our example from above).
Thus, the history of transactions is secured by miners spending energy to create the PoW that is required for a block to be valid. More energy spent mining creates a 'more secure lock', since a malicious miner would have to spent an equal amount of energy in order to break it. Miners are incentivized to continue building upon old blocks, thus piling one lock on top of another lock, on top of another lock... and it is this mechanism which allows the history of Bitcoin transactions to be considered secure.
add a comment |
Forget PoW for a second: lets instead imagine that you have a box, and you've placed a lock on it, in order to secure it's contents.
Now, if someone asks you how secure the contents are, then the size and type of lock is fairly important. Tying the box closed with a bit of string isn't very good security, at least compared to a heavy-duty padlock. For an attacker to get into the box and alter it's contents, they will need to work much harder to get past the padlock, compared to the string. We can use the word 'work' here in the thermodynamic sense: energy being used to perform an action. In order to break into the box, there is a minimum amount of work we would expect the assailant to have done. The minimum amount of work to break the padlock is obviously higher than the string, so we consider the padlock more secure.
Keep that point in mind: breaking into a more secure box requires more work. You cannot fake the work, you either have the resources to cut the lock, or not.
So lets go back to Bitcoin mining: when a miner is hashing to find a valid PoW, they are doing work by expending energy as computational cycles. The PoW function is devised such that we can expect a certain amount of work to be done (on average), in order for the miner to find a valid block. You can think of this PoW as the 'lock' that has been put on the block: in order for an attacker to alter the history of transactions, they will have to perform (on average) this same amount of work (spending energy, a real resource) in order to replace the block (thus 'breaking the lock', as in our example from above).
Thus, the history of transactions is secured by miners spending energy to create the PoW that is required for a block to be valid. More energy spent mining creates a 'more secure lock', since a malicious miner would have to spent an equal amount of energy in order to break it. Miners are incentivized to continue building upon old blocks, thus piling one lock on top of another lock, on top of another lock... and it is this mechanism which allows the history of Bitcoin transactions to be considered secure.
Forget PoW for a second: lets instead imagine that you have a box, and you've placed a lock on it, in order to secure it's contents.
Now, if someone asks you how secure the contents are, then the size and type of lock is fairly important. Tying the box closed with a bit of string isn't very good security, at least compared to a heavy-duty padlock. For an attacker to get into the box and alter it's contents, they will need to work much harder to get past the padlock, compared to the string. We can use the word 'work' here in the thermodynamic sense: energy being used to perform an action. In order to break into the box, there is a minimum amount of work we would expect the assailant to have done. The minimum amount of work to break the padlock is obviously higher than the string, so we consider the padlock more secure.
Keep that point in mind: breaking into a more secure box requires more work. You cannot fake the work, you either have the resources to cut the lock, or not.
So lets go back to Bitcoin mining: when a miner is hashing to find a valid PoW, they are doing work by expending energy as computational cycles. The PoW function is devised such that we can expect a certain amount of work to be done (on average), in order for the miner to find a valid block. You can think of this PoW as the 'lock' that has been put on the block: in order for an attacker to alter the history of transactions, they will have to perform (on average) this same amount of work (spending energy, a real resource) in order to replace the block (thus 'breaking the lock', as in our example from above).
Thus, the history of transactions is secured by miners spending energy to create the PoW that is required for a block to be valid. More energy spent mining creates a 'more secure lock', since a malicious miner would have to spent an equal amount of energy in order to break it. Miners are incentivized to continue building upon old blocks, thus piling one lock on top of another lock, on top of another lock... and it is this mechanism which allows the history of Bitcoin transactions to be considered secure.
answered 1 hour ago
chytrikchytrik
6,4902625
6,4902625
add a comment |
add a comment |
It is because of the nature of the hashing algorithms and one-way functions in general. The amount of work to get an input that hashes below a certain value is directly related to how low that value is.
This is because there is no known way to reverse calculate the input of SHA256 that will result in a valid hash. The work is basically the number of guesses, on average, that it will take to get a valid hash at a given difficulty. While it is true that it is random chance to get a valid hash, the probability decreases with a lower value, so more work must be done (on average). It's important to think of it in terms of probabilities and average number of attempts required.
It inspires trust because in order to reverse the transactions, one must redo the work (or execute the same number of guesses - on average) in order for replacement blocks to be accepted in place of blocks in the existing chain. This is called a 51% attack.
add a comment |
It is because of the nature of the hashing algorithms and one-way functions in general. The amount of work to get an input that hashes below a certain value is directly related to how low that value is.
This is because there is no known way to reverse calculate the input of SHA256 that will result in a valid hash. The work is basically the number of guesses, on average, that it will take to get a valid hash at a given difficulty. While it is true that it is random chance to get a valid hash, the probability decreases with a lower value, so more work must be done (on average). It's important to think of it in terms of probabilities and average number of attempts required.
It inspires trust because in order to reverse the transactions, one must redo the work (or execute the same number of guesses - on average) in order for replacement blocks to be accepted in place of blocks in the existing chain. This is called a 51% attack.
add a comment |
It is because of the nature of the hashing algorithms and one-way functions in general. The amount of work to get an input that hashes below a certain value is directly related to how low that value is.
This is because there is no known way to reverse calculate the input of SHA256 that will result in a valid hash. The work is basically the number of guesses, on average, that it will take to get a valid hash at a given difficulty. While it is true that it is random chance to get a valid hash, the probability decreases with a lower value, so more work must be done (on average). It's important to think of it in terms of probabilities and average number of attempts required.
It inspires trust because in order to reverse the transactions, one must redo the work (or execute the same number of guesses - on average) in order for replacement blocks to be accepted in place of blocks in the existing chain. This is called a 51% attack.
It is because of the nature of the hashing algorithms and one-way functions in general. The amount of work to get an input that hashes below a certain value is directly related to how low that value is.
This is because there is no known way to reverse calculate the input of SHA256 that will result in a valid hash. The work is basically the number of guesses, on average, that it will take to get a valid hash at a given difficulty. While it is true that it is random chance to get a valid hash, the probability decreases with a lower value, so more work must be done (on average). It's important to think of it in terms of probabilities and average number of attempts required.
It inspires trust because in order to reverse the transactions, one must redo the work (or execute the same number of guesses - on average) in order for replacement blocks to be accepted in place of blocks in the existing chain. This is called a 51% attack.
answered 1 hour ago
JBaczukJBaczuk
4,3461321
4,3461321
add a comment |
add a comment |
mrwnt10 is a new contributor. Be nice, and check out our Code of Conduct.
mrwnt10 is a new contributor. Be nice, and check out our Code of Conduct.
mrwnt10 is a new contributor. Be nice, and check out our Code of Conduct.
mrwnt10 is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Bitcoin Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f83951%2fhow-does-proof-of-work-inspire-trust-when-the-work-is-just-guessing%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown