Head On | Cai Guo Qiang (2006) Gunpowder on paper, mounted on wood as five-panel screen

Head On | Cai Guo Qiang (2006) Gunpowder on paper, mounted on wood as five-panel screen

1:2 brute force Consensus

Whether you are a potential investor, entrepreneur, or corporate intrapreneur looking to implement a DLT solution (or anything in between) these next four chapters provide a firm technical understanding of how distributed ledgers actually work.

As always...

  • You don't need to understand infrared to work your TV remote

  • You don't need to understand fluid dynamics to fly in a plane

but...

Somebody better understand how fluid dynamics work, or the plane is going to fall out of the sky. 

This is the heart of "asymmetric" downside. Or that a critical technical failure could destroy the entire system (slowly or quickly). To limit asymmetric downside someone should have deep understanding of the core logic/mathematics that governs the system. 

While less than a handful of people on earth truly have this knowledge, we can build a framework around what characteristics a robust system needs, knowing that our knowledge will always be some level of abstraction away from the raw 1s and 0s that power the system. 

Sacrifice 

We have established there is a universal global ledger that simultaneously records transactions. The "distributed" part of distributed ledger technology.

  1. People (or programs) send transactions to the ledger

  2. Consensus happens where the sausage is made and transactions are approved

  3. Results of the transactions are distributed to many ledgers

The first thought most computer people have after hearing this is usually: wow this sounds WAY LESS EFFICIENT than a regular centralized database.

The laws of physics and common sense would both agree:

  • storing information in one place uses less resources than storing information in many places

  • and a single entity validating transactions is more efficient than many competitive parties fighting to validate a transaction.

So why are we sacrificing so much in terms of computational resources, cost, and ultimately environmental impact?? What do we gain from our sacrifice?

The traditional mantra goes something like: 

Efficiency <----------------------> Trust

Where there is a trade off or "sacrifice" between efficiency and trust.

In other words, to be assured that no one is going to tamper with your transaction, we must make sure the miner (eg. the computer randomly assigned to place your transaction into the ledger) is trustworthy.

In a traditional centralized banking ledger this answer is easy. Chase Bank as a transaction validator has a legal and financial best interest to make sure your transaction goes through. 

But how can we possibly guarantee that a total stranger will act honestly and not attempt to maliciously change the ledger for their own best interest?

How the Bitcoin sausage is made

Chase stores billions of transactions in a single place (with a few redundant backups here and there in case things go wrong) but by and large does not need to spend significant resources to send each new transaction into the system. Rather they spend large resources protecting a monolithic system, and amortize that cost over all of their transactions.

Things work exactly the opposite way in the Bitcoin world. The code that runs the system is very small (less than 1000 lines of C++), free, and open. However, each transaction sent to the system costs money to process, sometimes in excess of 20 dollars US when demand is high and the system is clogged.  

Every ~10 minutes for the last 10 years, there has been a winner of an increasingly lucrative race.

Anyone on earth can enter this race by running a simple mining program that looks for a very special string of random letters and numbers called a nonce which is added to a cryptographic hash. This brute force approach to win the race by finding the random number first is called Proof-of-Work

  Changing "over" by just one character results in a completely different hash

Changing "over" by just one character results in a completely different hash

Hashes are the foundation of all modern cryptography as they can take an input of any size and create an output of a fixed sized. If even a single character is out of place, the entire hash will be completely different. 

If you were a German general in World War II and wanted to make sure the location of your submarines were not found, you would use an Enigma machine to turn your plain text German message into an indecipherable string of random letters. 

It took the invention of the first computer called the Turing machine to successfully reverse german codes (cyphers) and win the war. Ever since there has been an increasing arm's race between keeping coded messages secure, and breaking them. 

Today we live in a world where e-commerce, e-banking, and even e-voting is possible because we can trust that code breakers will not be able steal to secure information transmitted over the internet. Whenever you see the little lock on your internet browser while shopping on Amazon, technologies called SSL and TLS creates a secure channel over the open internet between you and Amazon which allows for secure communications that a man in the middle cannot intercept. 

While this critical data is protected en-route, without a blockchain solution like Bitcoin, we cannot be guaranteed data will be stored in an incorruptible format for all time. 

Controlled break ins

Bitcoin consensus sits in the middle of the arm's race between code makers and code breakers, by allowing miners to "break" the code roughly every 10 minutes. Instead of trying to break the enigma machine and win the war, miners are trying to break a cryptographic hashing algorithm called SHA2-256. SHA2 refers to the encryption standard, while 256 refers to the length of bytes used to secure the encryption.

Launched in 2002, SHA2 is still used widely to secure critical data across the IT spectrum, though has since been phased out in favor of the newer SHA3 standard. So far, no one has figured out a reliable shortcut to break the SHA2 code short of trying every possible combination of numbers until a solution is randomly found.

As finding a single large random number would be next to impossible, the Bitcoin protocol continually limits the acceptable range of numbers a winning number can be found in within the SHA2-256 standard.

The protocol can thus adjust the difficulty based on how many people are racing to find the nonce, making the winning number harder to find when more people are searching, and easier when less people are searching. 

--------------------------------

The difficulty called the Target is a subset of an enormous space of numbers between 0 and something less than 2^256  bytes. If you have played with exponents, raising 2 to any triple digit power is a very large number, as each of the 256 bits of data could be either a 1 or a 0.

Thus, if you wanted to guess a number that would win the bitcoin block with a one digit encryption you would have a 50% chance of guessing correctly.

Guessing two digits correctly would then be a 25% chance (00, 01, 10, or 11) 

Three digits would be 20% (111, 000, 100, 010, 001), and so on.

So the real technical definition of how Bitcoin achieves consensus is:

The first computer running the random search algorithm to successfully find a number below the target, then provide this winning nonce to the network, has the right to validate the next block of transactions.

While there may be many winning solutions within the target space, only the first solution wins the race. 

Sidebar: the security of a Bitcoin wallet (or the ability to access an amount of Bitcoin to send to another address) is also protected by 2^256 encryption.

However unlike the target difficulty where there are many solutions to the answer below the target, the security of the wallet needs exactly one single number out of 2^256 possibilities to be unlocked. Thus the chance of breaking into your Bitcoin wallet is the chance of correctly guessing 256 consecutive flips of a coin which is 1 in: 

256.PNG

-------------------------------

Isn't that amazing??

Constraints

Whoever finds this random sequence first is entitled to validate all of the transactions that happened in the last block. 

Within this race there are two fundamental constraints:

  • Block time: Or the rough interval of time that passes between when miners are expected to find the next random winning lottery ticket

  • Block size: the size in bytes of the transaction data that can fit into a "block".

Bitcoin currently processes 1 megabyte worth of data into a "block" of transactions every every 10 minutes. The average transaction size for a simple peer-to-peer transaction from one individual address to another is roughly 180 bytes.

With a tiny bit of math you can get to the processing speed of raw Bitcoin blockchain.

Fundamental equation 1: transactions per second

(size of average transaction) x (block size) x (block interval) = transactions/second

Right now this a pitiful 3 transactions per second, as not all transactions are optimally small in size, and participants in the system sometimes "spam" the network with many transactions to clog the system, even though it is not in their strict financial best interest to do so. 

For comparison Visa processes on average 3,000 transactions per second, with up to 40,000 transactions per second during peak holiday season. 

Fundamental equation 2: energy spent per transaction

(number of other miners looking for random numbers) x (efficiency at searching for random numbers) = amount of energy spent per transaction

Unlike the first equation which can increase efficiency by either reducing block times, or increasing block size, energy spent per transaction increases as more people fight to validate transactions. 

The more popular Bitcoin becomes, the LESS efficient it is

Think about the two inputs on the left side of the equation.

  • The number of people incentivized to search for the next block increases as the price/popularity increases.

  • This in turn creates a demand for better "mining equipment"

While the number of people wanting to search has no upward bound, the efficiency of searching for random numbers does. 

In the beginning of Bitcoin mining, there were large efficiency increases as miners switched from general purpose CPUs, to more specialized GPUs (graphic cards). The final increase in efficiency came from the switch to ASICs (specialized chips that can only search for random numbers using the SHA2-256 algorithm, sacrificing all other functionality in exchange to being incredibly efficient at looking for hashes). 

Remember that SHA2-256 depends on there being no exploitable shortcuts to winning the winning combination to each new block. Thus, Bitcoin miners are measured in terms of hashes per second. This metric shows how fast a mining machine is capable of pulling random numbers out of a hat.

Another important measure is hashes per watt, as electricity is the largest cost in running mining operations thus being able to more efficiently search for random numbers will make miners with more efficient machines more profitable than their peers with older, less efficient equipment. 

As ASIC chip efficiency roughly follows Moore's Law, every 18 months Bitcoin mining machines are made obsolete by the next generation of machines that can find more hashes faster using less electricity. 

While these efficiency gains on the surface sound like they make mining more sustainable over time, the competitive lottery process actually has the opposite effect. Any efficiency gains are offset in the zero sum race when competitors begin to bring their own more efficient machines on line. Massive amounts of e-waste is also created when old machines are decommissioned, or continue to run in areas with artificially cheap electricity sources. 

  A series of Icarus Bitcoin miners, the first dedicated bitcoin miner that can do nothing but search for SHA-256 random numbers was released in 2011.

A series of Icarus Bitcoin miners, the first dedicated bitcoin miner that can do nothing but search for SHA-256 random numbers was released in 2011.

 

Burn baby Burn

In May 2018, 906 kilowatt hours were burned to send a single transaction, while roughly 1,400 transactions were processed per block.

This equals roughly 1.2 million kilowatt hours needed to on average "win" a Bitcoin block. At 10 cents USD per kilowatt hour that is roughly $120,000 in electricity, or 906kw/10cents = $90.6 per transaction in electricity not counting the cost of the mining equipment, labor, and facilities. 

No one in their right mind would ever pay $90 dollars in transaction fees to buy a cup of coffee!

In fact you would need to send over $9000 dollars through Western Union at a 1% transaction fee for Bitcoin to become a cheaper transmitter of value.

However, the transaction fee to send a Bitcoin in May 2018 was not $90 dollars, but in fact under $2 per transaction, meaning the miners generated only ~$2800 in fee revenue per block.

If you went on to calculate the full CAPEX to build and run the mining facilities, plus the cost of buying new mining machines as they become obsolete roughly every 18 months, you can roughly estimate the all in sustaining costs to process each Bitcoin transaction which varies wildly based on electricity, land, and labor costs worldwide. 

reward.png

Incentive Structure

Regardless of varying mining costs, the vast majority of mining incentives for miner's to continue racing for blocks does not come from the fees generated to process the transactions, but from another Bitcoin innovation: the "mining reward"

New Bitcoins are generated on a deflationary emissions schedule. After every batch of 210,000 blocks, the reward for finding a new bitcoin is abruptly cut in half. 

210,000 blocks x ~10 minutes = 2.1 million minutes or 2.1mm/(60 minutes x 24 hours x 365 days) = ~4 years per halving event. 

In 2010 when anyone with a small personal computer could mine Bitcoin themselves, the block reward was 50 bitcoin every ~10 minutes.  In May 2018, the reward is only 12.5 Bitcoin, and will be reduced to 6.25 in the year 2020, then halve again roughly every 4 years there after until no reward is left. 

This means as Bitcoin mining reward subsidy exponentially decays in value, mining fees must increase to make up for the loss in mining rewards. 

Sidebar 2: Remember the whole "your Bitcoin is protected by a 77 digit number that must be  used to unlock the right to send your Bitcoin to someone else?"

The cost to brute force break into a bitcoin wallet would cost 10 ^ 44 times more than global GDP to break into at 12 cents per kilowatt hour electricity (ignoring the cost of the hypothetical machines needed to perform such a task)

cost.PNG

whoever has the gold makes the rules

The heart of Bitcoin's asymmetric downside lies it the very essence of it's lottery power burning approach to preserving an immutable record.

This seems as good a time as any to bring up what a blockchain is. We have establish the block part, these batches of transactions that happen every ten minutes. The critical part here is the chain that lashes these transaction together in an immutable record. 

Remember hashing algorithms create unique hashes that know if even a single byte is out of place. Each block contains a hash of all of the previous blocks that must exactly match before the next block can be added to it. 

When a diverse network NOT controlled by a central entity validates blocks everything is fine. Even if a powerful mining pool (coordinated group of bitcoin mining machines that share profits) wins 2 or 3 blocks in a row, eventually a second pool will jump in and validate a block, thus balancing power in the system.

While a very remote possibility, the following situations could result in a massive system wide failure.

  • A coordinated group of attackers physically kidnap the operators of the largest mining pools or in some way coerce them into giving up access to the mining pool:

  • A secret backdoor is placed into Bitmain ASIC miners as they sell the majority of Bitcoin mining hardware.

In either case (physical or software attack) one party gains a majority of hash power for an extended period of time.

Why would anyone do this?

Clearly not for economic reasons short of shorting the Bitcoin futures market, but more likely a state wanting to thwart an existential threat to its sovereign currency and capital controls. 

Two terrible things could happen to the Bitcoin network: 

  • If the attacker simply takes the hash power offline, the difficulty target would become much too high to find blocks, and the network would grind to a halt.

  • A much more nefarious attack involves secretly mining a "longer chain". In this attack a secret longer chain is mined for days or potentially week. This is especially devastating for exchanges that convert fiat currencies into bitcoin. You can imagine a scenario where the Bitcoin is delivered, but then becomes invalid when the secret longer chain hits the network.

 The "true" chain with a record of transactions before the attack will always survive, though will now be the chain with less hash power. An emergency patch can be issued to port to a new chain, though the disruption in trust to the bitcoin protocol would be unimaginable. 

Let's hope this never happens. Fortunately short of these two attack vector's (plus the existential risk of quantum computers running Shor's Algorithm) are the only known ways to destroy Bitcoin. As we will find out in the next chapters, with more complicated ledgers that allow any arbitrary transaction to take place, there are many more attack vectors that can destroy these systems. 

Outcomes

Outside of existential risks that catastrophically destroy Bitcoin, the relationship between efficiency and trust leads to three potential outcomes that will shape how Bitcoin performs over time.

  1. Bitcoin continues to go up in value and make up an increasingly large percentage of global electricity usage. Or the bitcoin price doesn't go up but miners find artificially cheap sources of electricity such as hydroelectric dams and ever more energy efficient ASIC chips to stay competitive.

  2. The actual Bitcoin blockchain itself can no longer be used for the majority of transcations, and transactions must occur in separate "off-chain" systems that only occasionally place transactions into the blockchain because it is prohibitively expensive.

  3. The market will move away from such an energy intensive random lottery system towards more efficient math, rendering Bitcoin increasingly obsolete. As we live in a world with more demands on energy than available clean supply, regulatory and social resistance could threaten the very mechanism first empowered any two people on earth to exchange information with each other.

In the next chapter we will build on our basic knowledge of how Bitcoin works to dissect various alternative methods of consensus that: 

Receive transactions -> make the sausage more efficiently -> store redundant copies of the transactions to many ledgers.

1:3 Other Ways to Make the Sausage -->

 

The bourgeoisie, by the rapid improvement of all instruments of production, by the immensely facilitated means of communication, draws all, even the most barbarian, nations into civilization. The cheap prices of its commodities are the heavy artillery with which it batters down all Chinese walls, with which it forces the barbarians’ intensely obstinate hatred of foreigners to capitulate. It compels all nations, on pain of extinction, to adopt the bourgeois mode of production; it compels them to introduce what it calls civilization into their midst, i.e., to become bourgeois themselves. In one word, it creates a world after its own image.
— Karl Marx