Blockchain In Plain English
This is not yet another post, written by a tech geek, to another tech geek. The knowledge gap between the blockchain space and the community is getting wider day by day. The aim of this series is to explain how Blockchains work in the simplest manner, so that an average person can easily understand it.
There will be 4 posts:
Small recap: Our 5 friends (unfortunately the 6th one has died short after he joined the group) abandoned centralized authorities, and tried to implement their own distributed ledger for keeping track of their money transactions. What we have built is based on round-robin fashion (taking turns) for adding transactions to the ledger (if this does not make sense, it means that you are cheating, and skipped the previous part. You nasty :). But our current solution has some drawbacks, it is not very secure (because of DoS attacks), and also we cannot allow anyone to join/leave the protocol as they please. Hence, it is not fully decentralized. We will solve these problems in this post, and will have a MUCH BETTER solution.
Two birds (no birds were harmed in the writing of this article):
One stone:
Here comes the two sides of my personality: *Smart-Oz* and *Noob-Oz*. They will lead the discussions from now on.
Noob-Oz: Wait, wait… What is a puzzle
?
Smart-Oz: Fair question. Think of it as a password break challenge. There is no mathematical equation that will let us crack an unknown password, right? You basically need to brute-force it, and the luckier one will solve it first. So basically, we should derive a puzzle/challenge, that can be solved only by brute-forcing.
Noob-Oz: So everybody will try to solve this puzzle simultaneously, and whoever solves it gets to create the next page?
Smart-Oz: Exactly!
Noob-Oz: But, how can the others be aware of that solution, and the new page?
Smart-Oz: The solver of the puzzle will create the page, with the solution of the challenge embedded in the page along with the transactions. And he will broadcast that newly crafted page. Anybody can verify that solution is correct. So cheaters won’t gain anything by broadcasting an invalid solution.
Noob-Oz: What if 2 or more people solve it around the same time, and broadcast the new pages?
Smart-Oz: There will be chaos… But, we can prevent this with a small tweak :) The challenge shouldn’t be too easy. Otherwise, many people can solve it at the same time as you said, and we don’t want that. If the challenge is hard enough, the likelihood of 2 people solving it around the same time will be nearly zero. Hence, even the connection issues won’t be a problem.
Noob-Oz: But, won’t it cripple the network then? You mentioned the others should verify the solution. If the problem is so hard to solve, then everybody else will spend that enormous amount of time for verification. And some malicious actors can spam the network via sending many incorrect solutions, basically performing a DoS attack on the network?
Smart-Oz: If the problem is symmetric, yes! That’s why, we have to set our puzzle so that, it should be an asymmetric one. Think of solving a Sudoku, and verifying a Sudoku solution. Even computers cannot easily solve very big instances of Sudoku (may take days/months depending on the size of the Sudoku), but they can instantly verify a solution for those very big instances. There are such asymmetric puzzles in cryptography too. Read this if you are interested (Public Key Cryptopgraphy).
Noob-Oz: Ok, got it. But who will set the puzzle? Won’t it make the protocol centralized again?
Smart-Oz: NICE! This question is proving that you are starting the understand what blockchain is. A person/committee cannot set the puzzle if we want decentralization. That’s why, we should derive the puzzle from the protocol itself, then it won’t be a problem.
Noob-Oz: Ugh… What?
Smart-Oz: Ok. What we need is, a challenge/puzzle for every slot (page), right? The most straightforward approach would be generating this challenge from the previous slot (page). So, now we have 3 criteria for our puzzle:
Noob-Oz: ?
Smart-Oz: ???
Noob-Oz: ????????
Smart-Oz: Didn’t it ring a bell? … Hash functions?
Noob-Oz: What the heck is even that?
Smart-Oz: Read this (Hash Functions). I will wait for you.
(Smart-Oz chose wisely by not explaining how Hash Functions work in this post. He shall not waste the time of those, who already possess the mighty knowledge of Hash Functions. He made another post on explaining the Hash Functions for the ones who seek the light, which takes ONLY 3 minutes to read!)
Noob-Oz: I’m starting to get it, but a concrete example of how challenges would be derived would help a lot.
Smart-Oz: Let’s go step by step from our criteria (asymmetry, hardness, and previous slot dependency). We can start with asymmetry. Say, we want to have “01010..10” (alternating 0’s and 1’s) as an output from our hash function. We cannot reverse the hash function, and find the corresponding input. In other words: if we want to achieve a specific output via a hash function, we don’t know what to put as an input. This is the best property of the hash functions. So we have no chance other than brute-forcing all the possible inputs. But if we find such an input, anybody can verify it instantly via running the hash algorithm for themselves. We good?
Noob-Oz: We good. Asymmetry, checked!
Smart-Oz: Let’s focus on hardness now. The above example of alternating 0’s and 1’s, is way harder than what we want in our protocol by the way. For each digit, let’s assume hash functions are generating 10 possible characters (0,1,2,3,4,5,6,7,8,9). So, for each digit, we have a 1/10 chance of solving the challenge.
Noob-Oz: So, for 2 digits, we have 2 x 1/10 = 1/5 chance?
Smart-Oz: (grabs a knife)
Noob-Oz: It was a joke! I swear!
Smart-Oz: Prove it.
Noob-Oz: (panting) For example: if we want the first 3 digits to be 0
, then we must be lucky for the first digit (1/10 chance), on top of that, we have to be lucky for the second digit (1/10 chance), and also for the third one (another 1/10 chance). It will be 1/10 * 1/10 * 1/10, which is way harder than being lucky for the first digit only.
Smart-Oz: (puts down the knife, and takes a deep breath). Ok, so we can tweak the hardness as we like. For example, the condition of first 10 digits must be 0
, could work.
Noob-Oz: I see. Hardness, checked!
Smart-Oz: This one is pretty easy actually. We can just hash the whole previous page, and include it as a part of our input.
Noob-Oz: Hmm… Makes sense. But what will be the puzzle/challenge itself? It’s still very vague in my head.
Smart-Oz: Hash of the new page (to be created), will be the challenge. The first 10 digits of this very hash should be 0
.
Noob-Oz: How can we include the previous page’s hash then?
Smart-Oz: We will simply include the “hash of the previous page” in the Word page we are creating. So, the hash of the current page will include the previous page’s hash as an input.
Noob-Oz: Ok, great. But what about the first page? There isn’t any previous page, what hash should it include?
Smart-Oz: We don’t need a challenge for the first block. That will be an exception actually, let’s forget about it for the moment.
Noob-Oz: Deal. But I still cannot imagine how it will be possible to solve the challenge? We can’t modify the transactions, we also cannot modify the previous page (at least we shouldn’t be, right?). So what’s left for us to modify on this page? We should be able to modify something so we can brute-force the possibilities to solve the challenge (first 10 digits being 0
).
Smart-Oz: You are 100% right. We need an extra thing, that we can modify, so we can play with the outcome of the hash. And there is a very simple solution for that. We will add another field to the page structure, Nonce
. The creator of the page can set Nonce
to whatever he wants. Thus, he will be able to solve the puzzle, via brute-forcing the values of Nonce
.
Noob-Oz: Got it. Previous slot dependency, checked!
Noob-Oz: There is one more thing that I do not understand. Why should anyone ever bother solving this puzzle? Seems like a lot of work…
Smart-Oz: True… There should be a prize that compensates for this hard work. That is why, the creator of the page earns some money. Here is how it works: Our pages consist of basically 3 things (transactions, previous page’s hash, Nonce
). Now, we will have another one, this will be a single special transaction, that can create money out of thin air (think it as governments printing money), and puts the newly printed money into the solver’s account. Of course, the amount of money should be constant, which is determined by the protocol. For example: if you solve a challenge for the next slot for Bitcoin at the moment, you can put 6.25 BTC into your account. This 6.25 BTC was not anyone’s BTC. It’s not that Satoshi Nakamoto is sending that to you. This is newly printed, minted, mined, (whatever you like to call it) BTC, that did not exist before.
Noob-Oz: If I’m the solver of the next page, I get to add another transaction, that puts 6.25 BTC into my account. But what happens if I put 10000 BTC into my account instead of 6.25 BTC? Can’t I do that?
Smart-Oz: You can. Remember, no rules are forced on blockchain. But you will gain nothing out of it. Others would simply not accept your page (it does not obey the rules of the protocol). And wait for another person to solve it. Basically, the protocol will stall until someone honest solves the challenge and generates a new page.
Noob-Oz: It seems easy when inspecting it component via component. But putting all of them together. I mean…. Wow…
Satoshi Nakamoto
In order to create a page, one must solve a hard challenge. And by providing his solution (Nonce
) on the page,
he proves that he solved the challenge (proves that he did some work). Hence, the name Proof of Work.
Instead of calling them pages, we call them blocks. And also, since each block contains the previous block’s hash, we are kind of chaining them together.
Yes, I can use the same thing twice. It’s my blog after all
We have more to cover, but here is a great stopping point if you feel like your brain is melting.
In the next article, we will cover: