1:2 Brute Force Consensus
Whether you are a potential investor, entrepreneur, or corporate intrapreneur looking to implement a DLT solution (or anything in between) these next chapters provide a firm technical understanding of how distributed ledgers actually work.
You don't need to understand infrared to work your TV remote
You don't need to understand fluid dynamics to fly in a plane
Somebody better understand how fluid dynamics work, or the plane is going to fall out of the sky.
This is the heart of "asymmetric" downside, or that a critical technical failure could destroy the entire system (slowly or quickly). To limit asymmetric downside someone should have deep understanding of the core logic/mathematics that governs the system.
As a complete picture of computer science is too complex for any one individual to understand, we need to build a framework around what characteristics a robust system needs, knowing that our knowledge will always be some level of abstraction away from the raw 1s and 0s that power the system.
We have established there is a universal global ledger that records transactions agnostic of who the sender and receiver are provided they pay the appropriate entrance fee. The "distributed" part of distributed ledger technology.
People (or programs) send transactions to the ledger
Consensus happens where the sausage is made and transactions are approved
Results of the transactions are distributed to many ledgers
The first thought most computer people have after hearing this is usually: wow this sounds WAY LESS EFFICIENT than a regular centralized database.
The laws of physics and common sense would both agree:
storing information in many places uses more resources than storing information in a single place
and competitive parties fighting to validate a transaction is much less efficient than a single party performing the validation
So why are we sacrificing so much in terms of computational resources, cost, and ultimately environmental impact to feed the Bitcoin machine?? What do we gain from our sacrifice?
The “decentralize everything” party line typically goes something like:
Efficiency <----------------------> Trust
Where there is a trade off or "sacrifice" between efficiency and trust.
In other words, to be assured that no one is going to tamper with your transaction, we must make sure the miner (eg. the computer randomly assigned to place your transaction into the ledger) is trustworthy.
In a traditional centralized banking ledger, validation is easy. Chase Bank as a transaction validator has a legal and financial best interest to make sure your transaction goes through without being tampered with.
In a future where potentially Chase does not exist, how can we possibly guarantee that a total stranger will process our transactions honestly, and not attempt to maliciously change the ledger for their own best interest?
How the Bitcoin Sausage is Made
Chase stores billions of transactions in a single place (with a few redundant backups here and there in case things go wrong) but by and large does not need to spend significant resources to send each new transaction into the system. Rather they spend large amounts protecting a monolithic system, and amortize that cost over all of their transactions.
Things work exactly the opposite way in the Bitcoin world. The code that runs the system is very small (less than 1000 lines of C++), free, and open. However, each transaction sent to the system costs money to process, sometimes in excess of 20 dollars US when demand is high and the system is clogged.
Transactions on the bitcoin network have been processed roughly every 10 minutes for the last 10 years without fault due to a very hard math race. Anyone on earth can enter this race by running a simple mining program that looks for a very special string of random letters and numbers called a nonce which is added to a cryptographic hash. This brute force approach to win the race by finding the random number first is called Proof-of-Work.
Hashes are a key foundation of modern cryptography as they can take an input of any size and create an output of a fixed sized. If even a single character is out of place, the entire hash will be completely different. This amazing technology relies on surprisingly simple logic where at it’s core. If you write every 1 and 0 from a file out sequentially, takes a trivial amount of processing power to determine if the sequence is even or odd. All hashes do is store a series of even or odd calculations about the underlying data that can be used to verify the 1s and 0s of a particular data store match the hashed “fingerprint” exactly. If a single 1 was flipped to 0 either through forgery, or by an error in the computer hardware, the hashes will not match.
Long before modern hashing was possible, if you were a German general in World War II and wanted to make sure the location of your submarines was not found, you would use an Enigma machine to turn your plain text message into an indecipherable string of random letters.
It took the invention of the first computer called the Turing machine to successfully reverse German codes (called ciphers) and win the war. Ever since there has been an increasing arm's race between keeping coded messages secure, and breaking them.
Today we live in a world where e-commerce, e-banking, and even e-voting is possible because we can trust that code breakers will not be able to steal secure information transmitted over the internet. Whenever you see the little lock on your internet browser while shopping on Amazon.com, technologies called SSL and TLS protect your sensitive credit card information by creating a secure channel over the open internet between you and Amazon which a man-in-the-middle cannot intercept.
While this critical data is protected en-route, without a blockchain solution like Bitcoin, we cannot be guaranteed data will be stored in an incorruptible format for all time.
Controlled Break Ins
Bitcoin consensus sits in the middle of an arm's race between code makers and code breakers, by allowing miners to "break" the code roughly every 10 minutes. Instead of trying to break the enigma machine and win the war, miners are trying to break a cryptographic hashing algorithm called SHA2-256. (SHA2 refers to the encryption standard, while 256 refers to the length of bytes used to secure the encryption)
Launched in 2002, SHA2 is still used widely to secure critical data across the IT spectrum, though has since been phased out in favor of the newer SHA3 standard. So far, no one has figured out a reliable shortcut to break the SHA2 code short of trying every possible combination of numbers until a solution is randomly found.
As finding a single large random number would be next to impossible, the Bitcoin protocol continually limits the acceptable range of numbers a winning number can be found in within the SHA2-256 standard.
The protocol can thus adjust the difficulty based on how many people are racing to find the nonce, making the winning number harder to find when more people are searching, and easier when less people are searching.
The difficulty required to win the Bitcoin race is called the Target, which is a subset of an enormous number space between 0 and something less than 2^256 bytes. If you have played with exponents, raising 2 to any triple digit power is a very large number, as each of the 256 bits of data could be either a 1 or a 0.
If you wanted to guess a number that would win the bitcoin block with a one digit encryption you would have a 50% chance of guessing correctly.
Guessing two digits correctly would then be a 25% chance (00, 01, 10, or 11)
Three digits would be 20% (111, 000, 100, 010, 001), and so on.
So the real technical definition of how Bitcoin achieves consensus is:
The first computer running the random search algorithm to successfully find a number below the target, then provide this winning nonce to the network, has the right to validate the next block of transactions.
While there may be many winning solutions within the target space, only the first solution wins the race.
Sidebar: the security of a Bitcoin wallet (or the ability to access an amount of Bitcoin to send to another address) is also protected by 2^256 encryption.
However unlike the target difficulty where there are many solutions to the answer below the target, the security of the wallet needs exactly one single number out of 2^256 possibilities to be unlocked. Thus the chance of breaking into your Bitcoin wallet is the chance of correctly guessing 256 consecutive flips of a coin which is 1 in:
Isn't that amazing??
Whoever finds this random sequence first is entitled to validate all of the transactions that happened in the last block. The hope is by mixing up new winners in a competitive race, no single authority will be able to consistently win the right to post new transactions to the ledger. If a single entity did control the majority of the “hashpower” they would in effect control what can and cannot be submitted to the ledger.
To better define how this race works with respect to the total processing capacity of the Bitcoin network, we must look at two key variables.
Block time: Or the rough interval of time that passes between when miners are expected to find the next random winning lottery ticket
Block size: the size in bytes of the transaction data that can fit into a "block".
Bitcoin currently processes 1 megabyte worth of data into a "block" of transactions every every 10 minutes. The average transaction size for a simple peer-to-peer transaction from one individual address to another is roughly 180 bytes.
With a tiny bit of math you can get to the processing speed of raw Bitcoin blockchain.
Fundamental equation 1: transactions per second
(size of average transaction) x (block size) x (block interval) = transactions/second
Right now this a pitiful 3 transactions per second, as not all transactions are optimally small in size, and participants in the system sometimes "spam" the network with many transactions to clog the system, even though it is not in their strict financial best interest to do so.
For comparison Visa processes on average 3,000 transactions per second, with up to 40,000 transactions per second during peak holiday season.
Fundamental equation 2: energy spent per transaction
(number of other miners looking for random numbers) x (efficiency at searching for random numbers) = amount of energy spent per transaction
Unlike the first equation which can increase by either reducing block times, or increasing block size, energy spent per transaction will always increase as more people fight to validate transactions.
The more popular Bitcoin becomes, the LESS efficient it is
Think about the two inputs on the left side of the equation.
The number of people incentivized to search for the next block increases as the price/popularity increases.
This in turn creates a demand for better "mining equipment" (computers specialized to search for random numbers)
While the number of people wanting to search has no upward bound, the efficiency of searching for random numbers does.
In the beginning of Bitcoin mining, there were large efficiency increases as miners switched from general purpose CPUs, to more specialized GPUs (graphic cards). The final increase in efficiency came from the switch to Application-specific integrated circuits (specialized chips that can only search for random numbers using the SHA2-256 algorithm, sacrificing all other functionality in exchange for being incredibly efficient at looking for hashes).
Remember that SHA2-256 depends on there being no exploitable shortcuts to more efficiently guess the random value solution to each new block. Thus, Bitcoin miners are measured in terms of hashes per second. This metric shows how fast a mining machine is capable of pulling random numbers out of a hat.
Another important measure is hashes per watt, as electricity is the largest cost in running mining operations, thus being able to more efficiently search for random numbers will make miners with more efficient machines more profitable than their peers with older, less efficient equipment.
As ASIC chip efficiency roughly follows Moore's Law, every 18 months Bitcoin mining machines are made obsolete by the next generation of machines that can find more hashes in less time using less electricity.
While these efficiency gains on the surface sound like they make mining more sustainable over time, the competitive lottery process actually has the opposite effect. Any efficiency gains are offset in a zero sum race when competitors begin to bring their own more efficient machines on line. Massive amounts of e-waste is also created when old machines are decommissioned, or temporarily saved from the scrap heap by being resold to miners in areas with artificially cheap electricity sources.
Burn baby Burn
This equals roughly 1.2 million kilowatt hours needed to on average "win" a Bitcoin block. At 10 cents USD per kilowatt hour that is roughly $120,000 in electricity, or 906kw/10cents = $90.6 per transaction in electricity not counting the cost of the mining equipment, labor, and facilities.
No one in their right mind would ever pay $90 dollars in transaction fees to buy a cup of coffee!
In fact, you would need to send over $9000 dollars through Western Union at a 1% transaction fee for Bitcoin to become a cheaper transmitter of value. (Though sending $90,000,000 would also only cost $90 in all in electricity cost as the cost is fixed rather than a percentage)
However, the transaction fee to send a Bitcoin in May 2018 was not $90 dollars, but in fact under $2 per transaction, meaning the miners generated only ~$2800 in fee revenue per block.
Keep in mind, we are playing fast and loose with the USD-Bitcoin pair trading price. If a Bitcoin was valued at $2,000 USD instead of $20,000 USD, then:
total mining reward in USD equivalent = (12.5 BTC mining reward X 2K vs 20K) + mining fees.
Instead of 2 dollars per transaction at 20K, at 10X less value the cost to send a bitcoin trasaction is closer to 20 cents. 20 cents X 1,400 transactions yields mining fee income of only $280 dollars, out of the roughly $25,000 mining reward.
If you went on to calculate the full CAPEX to build and run the mining facilities, plus the cost of buying new mining machines as they become obsolete roughly every 18 months, you can roughly estimate the all in sustaining costs to process each Bitcoin transaction, which varies wildly based on electricity, land, and labor costs worldwide.
The vast majority of mining incentives for miner's to continue racing for blocks does not come from the fees generated to process the transactions, but from another Bitcoin innovation: the "mining reward".
New Bitcoins are generated on a deflationary emissions schedule. After every batch of 210,000 blocks, the reward for finding a new bitcoin is abruptly cut in half.
210,000 blocks x ~10 minutes = 2.1 million minutes or 2.1mm/(60 minutes x 24 hours x 365 days) = ~4 years per halving event.
Back in 2010, when anyone with a small personal computer could mine Bitcoin themselves, the block reward was 50 bitcoin every ~10 minutes. In 2018, the reward was only 12.5 Bitcoin, 6.25 in the year 2020, then halve again roughly every 4 years there after until no reward is left.
This means as the Bitcoin mining reward subsidy exponentially decays in value, mining fees must increase to make up for the loss in mining rewards.
Sidebar 2: Remember the whole "your Bitcoin is protected by a 77 digit number that must be used to unlock the right to send your Bitcoin to someone else?"
The cost to brute force break into a bitcoin wallet would cost 10 ^ 44 times more than global GDP to break into at 12 cents per kilowatt hour electricity (ignoring the cost of the hypothetical machines needed to perform such a task)
Fighting Over the Block + Chain
This seems as good a time as any to bring up what a blockchain is.
We have established the block part, e.g. batches of transactions that happen every ten minutes.
The critical part here is the chain that lashes these transaction together in an immutable record.
Remember, hashing algorithms are the foundation of all DLTs as they create unique hashes that know if even a single byte is out of place. Each block contains a hash of all of the previous blocks that must exactly match before the next block can be added to it. While we won’t explain Merkle Trees for a few chapters, they are the mechanism that allows this to happen by efficiently compressing hashes of all previous blocks into a new hash root.
When a diverse network NOT controlled by a central entity validates blocks everything is fine. Even if a powerful mining pool (coordinated group of bitcoin mining machines that share profits) wins 2 or 3 blocks in a row, eventually a second pool will jump in and validate a block, thus balancing power in the system.
While a very remote possibility, the following situations could result in a massive system wide failure.
A coordinated group of attackers physically kidnap the operators of the largest mining pools or in some way coerce them into giving up access to the mining pool:
A secret backdoor is placed into Bitmain ASIC miners as they sell the majority of Bitcoin mining hardware.
In either case (physical or software attack) one party gains a majority of hash power for an extended period of time.
Why would anyone do this?
Clearly not for economic reasons (short of shorting the Bitcoin futures market), but more likely a state level adversry wanting to thwart an existential threat to its sovereign currency and capital controls.
Two terrible things could happen to the Bitcoin network if hashpower is consolidated into the hands of a single entity:
If the attacker simply takes the hash power offline, the difficulty target would become much too high to find blocks, and the network would grind to a halt.
A much more nefarious attack involves secretly mining a "longer chain". In this attack a secret longer chain is mined for days or potentially weeks. This is especially devastating for exchanges that convert fiat currencies into bitcoin. You can imagine a scenario where the Bitcoin is delivered, but then becomes invalid when the secret longer chain hits the network.
The "true" chain with a record of transactions before the attack will always survive, though will now be the chain with less hash power. An emergency patch can be issued to port to a new chain, though the disruption in the network could potentially unwind billions of fiat equivalent in transactions. If you are an exchange like Coinbase, which Bitcoin do you accept as “real” bitcoin, the fake longer chain, or the honest chain?
Let's hope this never happens. Fortunately, these two attack vectors (plus the existential risk of quantum computers running Shor's Algorithm) are the only known ways to destroy Bitcoin. As we will find out in the next chapters, many alternative ledgers exist with rules that allow for any arbitrarily complex transaction to take place. These types of systems create a much larger attack surface that makes securing these more complicated networks more difficult.
Outside of existential risks that catastrophically destroy Bitcoin, the relationship between efficiency and trust leads to three potential outcomes that will shape how Bitcoin performs over time.
Bitcoin continues to go up in value and make up an increasingly large percentage of global electricity usage. Or the bitcoin price doesn't go up but miners find artificially cheap sources of electricity such as hydroelectric dams and ever more energy efficient ASIC chips to stay competitive.
The actual Bitcoin blockchain itself can no longer be used for the majority of transcations, and transactions must occur in separate "off-chain" systems that only occasionally place transactions into the blockchain because it is prohibitively expensive.
The market will move away from such an energy intensive random lottery system towards more efficient math, rendering Bitcoin increasingly obsolete. As we live in a world with more demands on energy than available clean supply, regulatory and social resistance could threaten the very mechanism that first empowered any two people on earth to exchange value with without a middleman intermediary.
In the next chapter we will build on our basic knowledge of how Bitcoin works to dissect various alternative methods of consensus that: Receive transactions -> make the sausage more efficiently -> store redundant copies of the transactions to many ledgers.