Imagine that you have 1 BTC and you attempt to spend it twice in two separate transactions. You could attempt to do this by sending the same BTC to two separate bitcoin wallet addresses. Both of these transactions will then go into the pool of unconfirmed transactions. The first transaction would be approved via the confirmation mechanism and then verified into the subsequent block. However, the second transaction would be recognized as invalid by the confirmation process and would not be verified. If both transactions are pulled from the pool for confirmation simultaneously, the transaction with the highest number of confirmations will be included in the blockchain, while the other one will be discarded.
While this effectively deals with the issue of double spending, it is not without its issues. For example, the intended recipient of the second failed transaction would not have part in the transaction itself failing, and yet that person would not receive the bitcoin they had anticipated. Many merchants wait for at least 6 confirmations of a transaction meaning that six subsequent blocks of transactions were added to the blockchain after the transaction in question.
At this point, the merchant can safely assume that the transaction is valid. There remain other vulnerabilities in this system which could allow double-spend attacks to take place. If an attacker were somehow able to get control of this much computational power, they could reverse transactions and create a separate, private blockchain. However, the rapid growth of bitcoin has virtually insured that this type of attack is impossible. Now let's get a little more technical. The way that users detect tampering such as an attempt to double-spend in practice is through hashes , long strings of numbers that serve as proof of work PoW.
Put a given set of data through a hash function bitcoin uses SHA , and it will only ever generate one hash. Due to the "avalanche effect," however, even a tiny change to any portion of the original data will result in a totally unrecognizable hash. Whatever the size of the original data set, the hash generated by a given function will be the same length. The hash is a one-way function: it cannot be used to obtain the original data, only to check that the data that generated the hash matches the original data.
Generating just any hash for a set of bitcoin transactions would be trivial for a modern computer, so in order to turn the process into "work," the bitcoin network sets a certain level of "difficulty. Setting difficulty is accomplished by establishing a "target" for the hash : the lower the target, the smaller the set of valid hashes, and the harder it is to generate one. In practice, this means a hash that starts with a long string of zeros: the hash for block , for example, is ddefdbb1bd75e8d78ff2e8d. That block contains 2, transactions involving just over 1, bitcoin, as well as the header of the previous block.
If a user changed one transaction amount by 0. Since a given set of data can only generate one hash, how do miners make sure they generate a hash below the target? They alter the input by adding an integer, called a nonce "number used once".
Once a valid hash is found, it is broadcast to the network, and the block is added to the blockchain. Mining is a competitive process, but it is more of a lottery than a race. On average, someone will generate acceptable proof of work every ten minutes, but who it will be is anyone's guess.
Miners pool together to increase their chances of mining blocks, which generates transaction fees and, for a limited time, a reward of newly-created bitcoins. Proof of work makes it extremely difficult to alter any aspect of the blockchain, since such an alteration would require re-mining all subsequent blocks.
It also makes it difficult for a user or pool of users to monopolize the network's computing power, since the machinery and power required to complete the hash functions are expensive. Your Privacy Rights. To change or withdraw your consent choices for Investopedia. At any time, you can update your settings through the "EU Privacy" link at the bottom of any page. These choices will be signaled globally to our partners and will not affect browsing data. We and our partners process data to: Actively scan device characteristics for identification. I Accept Show Purposes. Your Money. Personal Finance.
Your Practice. Popular Courses. Blockchain Guide to Blockchain. Cryptocurrency Blockchain. Table of Contents Expand. Understanding the Blockchain. Dealing With Double Spending. In block ,, for example, the difficulty bits value is 0xa30c. The first part 0x19 is a hexadecimal exponent, while the next part, 0x03a30c , is the coefficient.
The final field is the nonce, which is initialized to zero. With all the other fields filled, the block header is now complete and the process of mining can begin.
The goal is now to find a value for the nonce that results in a block header hash that is less than the difficulty target. The mining node will need to test billions or trillions of nonce values before a nonce is found that satisfies the requirement.
Throughout this book we have studied cryptographic hash functions as used in various aspects of the bitcoin system. In the simplest terms, mining is the process of hashing the block header repeatedly, changing one parameter, until the resulting hash matches a specific target. This feature of hash functions means that the only way to produce a hash result matching a specific target is to try again and again, randomly modifying the input until the desired hash result appears by chance. A hash algorithm takes an arbitrary-length data input and produces a fixed-length deterministic result, a digital fingerprint of the input.
For any specific input, the resulting hash will always be the same and can be easily calculated and verified by anyone implementing the same hash algorithm.
The key characteristic of a cryptographic hash algorithm is that it is virtually impossible to find two different inputs that produce the same fingerprint. As a corollary, it is also virtually impossible to select an input in such a way as to produce a desired fingerprint, other than trying random inputs. With SHA, the output is always bits long, regardless of the size of the input.
Computational power adjusts the level of difficulty in mining.
Example shows the result of calculating the hash of "I am Satoshi Nakamoto" : 5d7c7ba21cbbcd75dbd5be5bd27cbcca6be. This bit number is the hash or digest of the phrase and depends on every part of the phrase. Adding a single letter, punctuation mark, or any other character will produce a different hash. Now, if we change the phrase, we should expect to see completely different hashes.
Buying options
Running this will produce the hashes of several phrases, made different by adding a number at the end of the text. By incrementing the number, we can get different hashes, as shown in Example Each phrase produces a completely different hash result. They seem completely random, but you can reproduce the exact results in this example on any computer with Python and see the same exact hashes.
The number used as a variable in such a scenario is called a nonce. The nonce is used to vary the output of a cryptographic function, in this case to vary the SHA fingerprint of the phrase. It took 13 attempts to find it. In terms of probabilities, if the output of the hash function is evenly distributed we would expect to find a result with a 0 as the hexadecimal prefix once every 16 hashes one out of 16 hexadecimal digits 0 through F. In numerical terms, that means finding a hash value that is less than 0x We call this threshold the target and the goal is to find a hash that is numerically less than the target.
How does a block chain prevent double-spending of Bitcoins?
If we decrease the target, the task of finding a hash that is less than the target becomes more and more difficult. To give a simple analogy, imagine a game where players throw a pair of dice repeatedly, trying to throw less than a specified target. In the first round, the target is Unless you throw double-six, you win. In the next round the target is Players must throw 10 or less to win, again an easy task. Now, more than half the dice throws will add up to more than 5 and therefore be invalid. It takes exponentially more dice throws to win, the lower the target gets.
The successful result is also proof of work, because it proves we did the work to find that nonce. While it only takes one hash computation to verify, it took us 13 hash computations to find a nonce that worked. If we had a lower target higher difficulty it would take many more hash computations to find a suitable nonce, but only one hash computation for anyone to verify.
Furthermore, by knowing the target, anyone can estimate the difficulty using statistics and therefore know how much work was needed to find such a nonce. The miner constructs a candidate block filled with transactions. If the hash is not less than the target, the miner will modify the nonce usually just incrementing it by one and try again.
At the current difficulty in the bitcoin network, miners have to try quadrillions of times before finding a nonce that results in a low enough block header hash. A very simplified proof-of-work algorithm is implemented in Python in Example Running this code, you can set the desired difficulty in bits, how many of the leading bits must be zero and see how long it takes for your computer to find a solution.
In Example , you can see how it works on an average laptop. As you can see, increasing the difficulty by 1 bit causes an exponential increase in the time it takes to find a solution. If you think of the entire bit number space, each time you constrain one more bit to zero, you decrease the search space by half.
In Example , it takes 84 million hash attempts to find a nonce that produces a hash with 26 leading bits as zero. Even at a speed of more than , hashes per second, it still requires 10 minutes on a consumer laptop to find this solution.
▼ Show Answer
At the time of writing, the network is attempting to find a block whose header hash is less than cedb3af43fd3f5de7baeabaa7. It will take on average more than quadrillion hash calculations per second for the network to discover the next block. In this block, therefore, the exponent is 0x19 and the coefficient is 0x03a30c.