Many cryptocurrencies relies on hash functions to secure transactions. Bitcoin for example mainly relies on SHA-256 hash function (which is part of the SHA-2 hash functions family).
Consequently, breaches in hash functions used for cryptocurrencies exchanges can have a huge impact on these technologies.
Hash in cryptocurrencies.
Concerning Bitcoin, the hash functions SHA-256 is used many times: first when the Bitcoin address is created, two hash algorithms are used: the SHA-256 algorithm and the RIPEMD160 algorithm, one after the other, on the public key to create the corresponding Bitcoin address. The purpose of the RIPEMD160 algorithm is just to reduce the size of the address: the footprint calculated with this function is shorter than the SHA-256 one.
Then, during the block creation, before the mining part, the miner inserts in the new block a SHA-256 footprint from the last block. That way we are sure that the blocks are in the right order.
The new block must also have the footprint of the addition from the transaction’s footprints. The SHA-256 algorithm is also used for its own results. Thanks to that the other miners and nodes can check that no transaction has been forgotten inside the fresh new block.
Finally, it is here the most important usage: during the block mining. When the mining procedure start and that the block has been created the way we describe it a moment before, the miner checks on the network what is the desired target to reach.
The target is a footprint of a certain “height”, which is determinated thanks to the numerous values associated to the letters and numbers inside of it.
If the miner wants to validate a block, he choose a random code called nonce and associated to the block, from where the footprint will be calculated. If the footprint has a lower value than the target, his block is published, otherwise he must start again.
You can see on the word “bœuf” and its variations, the footprint generation with the SHA-256 function gives a “random” result. Meaning that the ability to find a result matching the target only depends on two factors: luck and the ability to quickly generate SHA-256 hash.
When the target is low enough, it is very hard to find a matching result, even if you are lucky. It is necessary to do hundred, thousand, or even billions of hashes before publishing a block, requiring a strong computing power. Even if the SHA-256 is the most used and famous algorithm it is not the only one: many cryptocurrencies use other functions. For example, Litecoin uses the Scrypt hash algorithm, known to avoid some SHA-256 problems. Monero and its forks use the Cryptonight hash function. Finally, Ethereum uses mainly the SHA-3 algorithm.
Proof of work and Proof of stake
Proof of Work
The proof of work is the oldest blockchain consensus protocol. Its first modern application in 1996 wasn’t for Bitcoin, which was created much later, but as an anti-spam used for email-boxes. This proof of work already used the SHA-256 algorithm, like the Bitcoin protocol more than ten years later. Today the proof of work is known as the main blockchain consensus protocol mechanism, especially the one from the first generations. Its operation, which is very secured, can lead to some problems of energy consumption.
Basically, the proof of stake consists in asking the miners to solve a complex mathematic problem which needs an important computing power. The first miner to solve it will be the next to create a new block on the blockchain. The miner applies a hash function on a set of data until he finds the researched result.
In the Bitcoin protocol, a miner makes two successive SHA-256 hash on a block header. Each new hash depends both on the block value and the nonce, a random number chose by the miner software. To be valid, the hash will have to be inferior to the mining difficulty. The mining difficulty is adjusted by the network every 2016 blocks. It evolves to claim a bigger computing power to the miners, which must make more tries to get the good hash. A race of hardware performance first made Bitcoin mining obsolete on CPU, and then made it very difficult on GPU. Nowadays ASIC type hardware are the only real profitable option.
The proof of work is efficient to secure the network and pirate attack are very hard. However, the proof of work raises some problems, especially energetic problems, because it requires a drastic energy consumption. Moreover, ASIC leads to an important problem of centralization, leading to mining farms and big companies which take a big part of the network, then the network depends only on a small number of powerful actors.
Proof of Stake
The proof of Stake (POS) take part in the most common blockchain consensus mechanism with the Proof of Work. The proof of stake is an alternative to the proof of Work. To avoid overconsumption and the related environmental problems, but it also reduces the risk of a network centralization.
The proof of stake does not need any mining and is based on a totally different mechanism. We do not talk about miners but minters.
The Proof of stake operation is clearly easiest to understand than the one from a Proof of Work. To work, several different users must put their possessions in deposit to became minters. The algorithm is based on the head of the blockchain (the last block of the chain) to randomly select a minter and give it the permission to create the next block.
If this one does not create a block in the given time, the algorithm will automatically select a second validator to replace it. When we speak Proof of Stake, the longest chain is the one considered as valid.
Mining (Proof of Work)
The mining is a process by which one Bitcoin transactions are secured. To this goal, miners, with their hardware, compute for the Bitcoin network. They are rewarded by the bitcoins generated and the transactions fees they allowed. These rewards divide by 2 every 4 years.
“to describe mining, we could take the example of a huge Sudoku’s competition where participants try a new grid once someone find a solution, and the difficulty is adjusted so that a grid is solved within 10minutes. Let us say a huge Sudoku’s grid, with several thousands of rows and columns. It would be kind of easy to check if the grid is correctly done. But […] it would take a lot of work to finish it! The difficulty of the grids can be adjusted by changing the size […], but they can still be easily checked even though they are huge. Puzzles to solve in Bitcoin network are based on hashes and show the same characteristics as Sudoku’s grids: hard to solve but easy to check the solution, and the difficulty can be adjusted.” – Andreas M. Antonopoulos
What computes a miner?
Miners compute hashes (2 SHA256 in a row) on a bloc’s header. For each new hash, the mining software use a random number: nonce. The nonce is an integer with 32bits of memory allocated. It means that it is limited to only 4 billion possibilities, with the current hash rate of the network it’s largely not enough. We add in the hash the timestamp of the block in hour Posix, always updated. Another variable on which miners can optimize: the configuration of the transactions. Including the bloc’s number, timestamp, bloc’s data, and the previous bloc’s hash. The hash made looks like:
This hash can be converted to a great number. (It is a hexadecimal number; it means that letters A to F are number 10 to 15). To make mining hard, there is the target difficulty. To create a valid bloc, a miner must find a hash which is lower than the target difficulty. For example, if the difficulty is:
Any number that begins with a 0 will be accepted and considered as lower than the target. Example:
If we decrease the target to:
Now, we need a number which begins with two 0:
Because the target is a large number with a lot of figures, an easier number is often used to show the current target. This number is called the mining difficulty. The mining difficulty is calibrated with the first bloc created. Which means that a difficulty of 70 000 is 70 000 time the computer performance needed by Satoshi Nakamoto to generate the first bloc, when he was the only miner, and he was using only his CPU.
The difficulty changes every 2016 blocs. The network adjusts the difficulty so that the time required for the generation of these 2016 blocs is 14days, no matter the computer performance used. That is why the difficulty increase with the performance of the network.
Compute speed: the hash rate
On a blockchain, like bitcoin’s one, transactions made are encrypted, which guarantees their authenticity and their inviolability. These transactions can be checked by operators (miners). To be allowed to check the transactions and create blocs that make part of a blockchain, miners must solve mathematical calculations. To do that, they often use powerful hardware which requires a lot of energy, the main component for miners is the GPU used for hash functions. The hash rate measures the performance of a machine to mine, it means the computer’s speed to 1 hash and its capacity to solve a mathematic calculation leading to the possibility of transactions validation and creation of additional bloc on a blockchain.
Minting (Proof of Stake)
While many people are beginning to be familiar with the mining of cryptocurrencies like the Bitcoin, a few people are familiar with minting, more famous under the name staking.
In minting, or staking, mining 2.0 or generalized mining, the participants are selected according the size of their stake, or on the quantity of crypto they have.
Trust Wallet (one of the major actors) compare minting and staking to a sort of lottery in which the number of inmates cryptos is the equivalent to the possession of a certain amount of lottery tickets. If you got 10% of the tokens in circulation, you got 1 on 10 chances to be selected as validator for the next block.
Today, more and more cryptocurrencies take that model because Ethereum with the Casper update will soon be in PoS, and more and more famous actors like Coinbase, Trustwallet, Huobi or Coinone are really interested by this new industry which will, according to POS Bakerz, one of the next new big trends in the cryptocurrency area and decentralized finance (DeFi).