Byzantine Fault Tolerance Explained
Advanced
Published Dec 5, 2018 | Updated Aug 17, 2023
5m
Since the inception of Bitcoin in 2008 as a peer-to-peer
electronic cash system, many other cryptocurrencies
have been created, each with its own mechanism. But one
thing that nearly all cryptocurrencies have in common is the
blockchain as the core element of their architecture.
With few exceptions, blockchains are intentionally designed to
be decentralized, working as a digital ledger that is maintained
by a distributed network of computer nodes. For this reason,
blockchain technology allowed the creation of trustless
economic systems, where transparent and reliable financial
transactions could be executed without the need for
intermediaries. Cryptocurrencies are being adopted as a
viable alternative to traditional banking and payment systems,
which are heavily dependent on trust.
As in most distributed computing systems, the participants
of a cryptocurrency network need to regularly agree on the
current state of the blockchain, and that is what we call
achieving consensus. However, reaching consensus on
distributed networks in a safe and efficient way is far from
an easy task.
So, how can a distributed network of computer nodes agree
on a decision, if some of the nodes are likely to fail or to act
dishonestly? This is the fundamental question of the so-called
Byzantine Generals’ problem, which gave birth to the concept
of Byzantine fault tolerance.
What is the Byzantine Generals’ Problem?
In a few words, the Byzantine Generals’ Problem
was conceived in 1982 as a logical dilemma that illustrates
how a group of Byzantine generals may have communication
problems when trying to agree on their next move.
The dilemma assumes that each general has its own army
and that each group is situated in different locations around
the city they intend to attack. The generals need to agree on
either attacking or retreating. It does not matter whether they
attack or retreat, as long as all generals reach consensus, i.e.,
agree on a common decision in order to execute it in
coordination.
Therefore, we may consider the following requirements:
Each general has to decide: attack or retreat (yes or no);
After the decision is made, it cannot be changed;
All generals have to agree on the same decision and execute it in a synchronized manner.
The aforementioned communication problems are related to
the fact that one general is only able to communicate with
another through messages, which are forwarded by a courier.
Consequently, the central challenge of the Byzantine
Generals’ Problem is that the messages can get somehow
delayed, destroyed or lost.
In addition, even if a message is successfully delivered, one or
more generals may choose (for whatever reason) to act
maliciously and send a fraudulent message to confuse the
other generals, leading to a total failure.
If we apply the dilemma to the context of blockchains, each
general represents a network node, and the nodes need to
reach consensus on the current state of the system. Put
another way, the majority of participants within a distributed
network have to agree and execute the same action in order
to avoid complete failure.
Therefore, the only way to achieve consensus in this type
of distributed system is by having at least ⅔ of the network
nodes be reliable and honest. This means that if the majority of
the network decides to act maliciously, the system is
susceptible to failures and attacks (such as the 51% attack).
Byzantine Fault Tolerance (BFT)
In a few words, Byzantine fault tolerance (BFT) is the property
of a system that is able to resist the class of failures derived
from the Byzantine Generals’ Problem. This means that a BFT
system is able to continue operating even if some of the nodes
fail or act maliciously.
There is more than one possible solution to the Byzantine
Generals’ Problem and, therefore, multiple ways of building a
BFT system. Likewise, there are different approaches for a
blockchain to achieve Byzantine fault tolerance and this leads
us to the so-called consensus algorithms.
Blockchain consensus algorithms
We can define a consensus algorithm as the mechanism
through which a blockchain network reaches consensus. The
most common implementations are Proof of Work (PoW)
and Proof of Stake (PoS). But let’s take the Bitcoin case as an
example.
While the Bitcoin protocol prescribes the primary rules of the
system, the PoW consensus algorithm is what defines how
these rules will be followed in order to reach consensus (for
instance, during the verification and validation of transactions).
Although the concept of Proof of Work is older than
cryptocurrencies, Satoshi Nakamoto developed a modified
version of it as an algorithm that enabled the creation of
Bitcoin as a BFT system.
Note that the PoW algorithm is not 100% tolerant of
Byzantine faults, but due to the cost-intensive mining
process and the underlying cryptographic techniques, PoW
has proven to be one of the most secure and reliable
implementations for blockchain networks. In that sense, the
Proof of Work consensus algorithm, designed by Satoshi
Nakamoto, is considered by many as one of the most ingenious
solutions to Byzantine faults.
Final thoughts
The Byzantine Generals’ Problem is an intriguing dilemma that
eventually gave rise to the BFT systems, which are being
extensively applied in various scenarios. Beyond the
blockchain industry, a few use cases of BFT systems include
the aviation, space, and nuclear power industries.
Within the cryptocurrency context, having an efficient network
communication along with a good consensus mechanism is
vital to any blockchain ecosystem. Securing these systems is
an ongoing effort, and the existing consensus algorithms are
yet to overcome a few limitations (such as scalability).
Nonetheless, PoW and PoS are very interesting approaches
as BFT systems, and the potential applications are certainly
inspiring widespread innovation.
https://academy.binance.com/en/articles/byzantine-fault-tolerance-explained
Proof of Work (PoW) vs. Proof of Stake (PoS)
Intermediate
Published Dec 12, 2018 | Updated Aug 17, 2023
9m
TL;DR
Proof of Work (PoW) and Proof of Stake (PoS) are the most
common consensus mechanisms. They are adopted by major
cryptocurrencies to secure their network.
Proof of Work is used in Bitcoin to validate transactions and
secure the network. Apart from other things, PoW prevents
double-spending. The blockchain is secured by participants
called miners, who use computational power to compete for
the right to confirm new blocks and update the blockchain. A
successful miner will be rewarded in BTC by the network. As
of December 2021, a miner can get a block reward of 6.25
BTC plus transaction fees by successfully mining a Bitcoin
block.
The major difference between PoW and PoS is the way they
determine who gets to validate a block of transactions. Proof
of Stake is the most popular alternative to Proof of Work. It’s a
consensus mechanism that aims to improve on some of the
limitations of PoW, such as scalability issues and energy
consumption. In PoS, participants are called validators. They
don’t need to use powerful hardware to compete for the
chance to validate a block. Instead, they need to stake (lock)
the native cryptocurrency of the blockchain. The network then
selects a winner based on the amount of crypto staked, who
will be rewarded a proportion of the transaction fees from the
block they validate. The more coins staked, the higher the
chance to be chosen as a validator.
Introduction
To ensure that transactions recorded on a blockchain are
valid, these networks adopt different consensus mechanisms.
Proof of Work (PoW) is the oldest one. Created by Satoshi
Nakamoto, it’s considered by many as one of the safest
alternatives. Proof of Stake (PoS) was created later, but it’s
now seen in most altcoin projects.
Apart from Bitcoin, PoW is also used in other major
cryptocurrencies like Ethereum (ETH) and Litecoin (LTC). In
contrast, PoS is used by Binance Coin (BNB), Solana (SOL),
Cardano (ADA), and other altcoins. It’s worth noting that
Ethereum plans to switch from PoW to PoS in 2022.
What is Proof of Work (PoW) and how does it work?
Proof of Work (PoW) is the consensus algorithm adopted by
the Bitcoin network and many other cryptocurrencies to
prevent double-spending. It was introduced by Satoshi
Nakamoto in the Bitcoin whitepaper, published in 2008.
In essence, PoW determines how the Bitcoin blockchain
achieves distributed consensus. It’s used to validate peer-to-
peer transactions in a trustless manner, without the need for
third-party intermediaries.
On a PoW network like the one of Bitcoin, transactions are
verified by miners. They are participants that use a great
amount of resources to ensure the network continues to run
securely and correctly. Among other tasks, miners create and
validate blocks of transactions. But in order to compete for the
right to validate the next block, they need to use highly
specialized mining hardware to solve complex mathematical
puzzles.
The first miner that manages to find a valid solution for these
math problems, earns the right to add their block to the
blockchain and receive what we call a block reward. Block
rewards are made up of newly generated cryptocurrencies
plus transaction fees. The amount of crypto in a block reward
varies according to the different networks. For example, on the
Bitcoin blockchain, a successful miner can get 6.25 BTC plus
fees from each block reward (as of December 2021).
However, the number of new BTCs generated per block is
reduced by 50% every 210,000 blocks (approximately every
four years) due to a mechanism known as halving.
If you’d like to learn about the Proof of Work model in more
detail, check out What Is Proof of Work (PoW)?
What is Proof of Stake (PoS) and how does it work?
Proof of Stake (PoS) is a consensus algorithm introduced in
2011 as an alternative to Proof of Work. It aims to overcome
the scalability limitations of PoW networks. PoS is the second-
most-popular algorithm adopted by cryptocurrencies like
Binance Coin (BNB), Solana (SOL), and Cardano (ADA).
While PoW and PoS share the same goal of reaching
consensus in the blockchain, PoS has a different way of
determining who validates a block of transactions. There are
no miners on PoS blockchains. Rather than relying on
powerful computers to compete for block validation rights, PoS
validators rely on their crypto holdings.
To be eligible to validate a block, participants need to lock a
certain amount of coins in a specific smart contract on the
blockchain. This process is known as staking. The PoS
protocol will then assign a participant to validate the next
block. Depending on the network, this selection can be done
randomly or according to their holdings (stake). The selected
validator can receive transaction fees from the block they
validated as rewards. Typically, the more coins they lock up,
the higher the chance to be selected.
Please refer to Proof of Stake (PoS) Explained for more
details.
Differences between Proof of Work vs. Proof of Stake
Despite both being consensus mechanisms that ensure the
security of the blockchain network, there are certain
differences between the two. The major difference is, of
course, how PoW and PoS determine which participant
validates new transactions. For a clearer understanding, let’s
take a look at the table below:
| | Proof of Work (PoW) | Proof of Stake (PoS) |
|---|---|---|
| Who can mine/validate blocks? | The higher the computational power, the higher the probability of mining a block. | The more coins staked, the more likely you get to validate a new block |
| How is a block mined/validated? | Miners compete to solve complex mathematical puzzles using their computational resources. | Typically, the algorithm determines the winner randomly, taking into account the amount of coins staked. |
| Mining equipment | Professional mining hardware, such as ASIC, CPU, and GPU | Any computers or mobile devices with an internet connection |
| How are rewards distributed? | The first person to mine the block receives a block reward | Validators can receive a share of the transaction fees collected from the block they validated |
| How is the network secured | The greater the hash, the more secure the network | Staking locks crypto on the blockchain to secure the network |
Is Proof of Stake better than Proof of Work?
Proof of Stake supporters argue that PoS has some benefits
over PoW, especially regarding scalability and transaction
speed. It’s also said that PoS coins are less harmful to the
environment when compared to PoW. In contrast, many PoW
supporters argue that PoS, as a newer technology, is yet to
prove its potential in terms of network security. The fact that
PoW networks require significant amounts of resources
(mining hardware, electricity, etc.) makes them more
expensive to attack. This is particularly true for Bitcoin, as the
biggest PoW blockchain.
As mentioned, Ethereum (ETH) is expected to switch from
PoW to PoS in the Ethereum 2.0 upgrade. ETH 2.0 is a long-
anticipated upgrade to the Ethereum network to improve its
performance and address its scalability issue. After the
implementation of PoS on Ethereum, anyone with at least 32
ETH will be able to participate in staking to become a validator
and receive rewards.
Is PoS better than PoW? What is making the second-largest
cryptocurrency by market capitalization adopt a new
consensus mechanism?
Centralization risk
On the Proof of Work blockchains, mining involves using
computing power to hash the block’s data until a valid solution
is found. For major cryptocurrencies today, the solutions are
getting more challenging to find and the process of guessing
massive amounts of hashes can be expensive in terms of
hardware and electricity.
Therefore, some miners prefer to combine their mining
resources in mining pools for a greater chance to get the block
rewards. Some big mining pools invest millions of dollars and
control thousands of ASIC mining devices to generate as
much hashing power as possible.
As of December 2021, the top 4 mining pools together control
around 50% of the total Bitcoin hashing power. The
domination of mining pools makes it more challenging for
individual crypto enthusiasts to mine a block on their own.
But just how decentralized is mining then? On one side, there
is still no single entity that can control confirmations on the
network. If this occurred, a 51% attack would be possible and
the network would lose its value. Some might argue that while
mining is still decentralized, it is no longer heavily
decentralized. Certain areas, mining equipment producers,
and energy producers still dominate mining and reduce overall
decentralization for proof of work blockchains.
The Proof of Stake consensus mechanism takes a different
approach and replaces mining power with staking. This
mechanism lowers the barriers to entry for an individual to
confirm transactions, reducing the emphasis on location,
equipment, and other factors. Your stake is simply determined
by the number of tokens you have.
However, most PoS networks require you to run a validator
node to begin confirming transactions. This can be expensive
to run, but not as much as several mining rigs. Users then
stake their tokens behind certain validators, giving us a similar
model to mining pools. So while Proof of Stake is easier to
participate in for an average user, it is still susceptible to the
same centralization issue as mining pools.
Security risks
In addition to centralization risk, the fact that the top four
mining pools have the majority of hashing power of the Bitcoin
network could potentially increase the risk of a 51% attack. A
51% attack refers to a potential attack on the security of a
blockchain system by a malicious actor or organization that
manages to control over 50% of the total network hashing
power. The attacker could override the blockchain consensus
algorithm and commit malicious acts to benefit themselves,
such as double spending, rejecting or altering transaction
records, or preventing others from mining. However, this is
unlikely to happen on Bitcoin due to the size of its network.
In contrast, if someone were to attack a PoS blockchain, they
would have to own more than 50% of the coins on the
network. Acquiring that many coins would drive up market demand
and the coin price, so the attack could cost tens of billions of dollars.
Even if they did carry out a 51% attack, the value of their staked
coins would drop drastically as the network became
compromised. Therefore, a 51% attack is not very likely on
a cryptocurrency that uses PoS consensus, especially one
with a large market cap.
Drawbacks of Proof of Stake
Many see Proof of Stake as a better alternative to Proof of
Work, but it’s worth noting that there are also shortcomings in
the PoS algorithm. Due to the reward distribution mechanism,
validators with more assets staked can increase their chances
to validate the next block. The more coins a validator
accumulates, the more coins they can stake and earn, which
some people criticize as “making the rich richer”. These
“richer” validators can also influence the voting on the
network, as PoS blockchains often grant validators
governance rights.
Another concern is the security risk for smaller market cap
cryptocurrencies that adopt PoS. As mentioned, it is not very likely that a 51%
attack would happen on the more popular cryptocurrencies
like ETH or BNB. However, smaller digital assets with a lower
value are more vulnerable to attacks. The attackers could
potentially acquire enough coins to gain an advantage against
other validators. They could exploit the PoS system by being
frequently chosen to become validators. The rewards they
earn can then be used for further staking, increasing their
chance to be chosen in the next round.
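
The stake-weighted selection and the reward compounding described in this article, as an added example (not code from the article or from any PoS protocol). The validator names, stakes and fixed per-block reward are constructed, and real networks add rules such as slashing that are not modeled here.

```python
import random
from collections import Counter

# Constructed sample data: three validators and the coins each has locked.
STAKES = {"alice": 600.0, "bob": 300.0, "carol": 100.0}


def pick_validator(stakes, rng):
    """Choose one validator with probability proportional to its stake."""
    names = list(stakes)
    weights = [stakes[name] for name in names]
    return rng.choices(names, weights=weights, k=1)[0]


def selection_shares(stakes, rounds, seed=1):
    """Fraction of blocks each validator wins while stakes stay fixed."""
    rng = random.Random(seed)
    wins = Counter(pick_validator(stakes, rng) for _ in range(rounds))
    return {name: wins[name] / rounds for name in stakes}


def simulate_compounding(stakes, rounds, reward, seed=1):
    """Re-stake every reward and return the final stake per validator."""
    rng = random.Random(seed)
    current = dict(stakes)
    for _ in range(rounds):
        winner = pick_validator(current, rng)
        current[winner] += reward  # the reward is staked again at once
    return current


def stake_needed_for_share(total_other_stake, target_share):
    """Coins a newcomer must lock to hold `target_share` of all stake.

    Solves x / (x + total_other_stake) = target_share for x. The smaller
    the existing stake, the cheaper a dominant position becomes, which is
    the small-market-cap concern raised in the text.
    """
    if not 0 < target_share < 1:
        raise ValueError("target_share must be strictly between 0 and 1")
    return total_other_stake * target_share / (1 - target_share)


if __name__ == "__main__":
    print("win shares:", selection_shares(STAKES, 50_000))
    print("after compounding:", simulate_compounding(STAKES, 10_000, 1.0))
    print("stake for 50% of a 1,000-coin pool:",
          stake_needed_for_share(1_000.0, 0.5))
```

Under proportional selection each validator's expected share of the total stake stays roughly constant, while the absolute gap between large and small holders keeps growing.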
Closing thoughts
Proof of Work and Proof of Stake both have their place in the
crypto ecosystem, and it is hard to say with certainty which
consensus protocol works better. PoW might be criticized for
creating high carbon emissions during mining, but it has
proven itself as a secure algorithm to protect blockchain
networks. Nevertheless, as Ethereum shifts from PoW to PoS,
the Proof of Stake system could be more favored by new
projects in the future.
What Is a Blockchain Consensus Algorithm?
Beginner
Published Dec 13, 2018 | Updated Jun 13, 2024
7m
Introduction
A consensus algorithm is a mechanism that allows users or
machines to coordinate in a distributed setting. It needs to
ensure that all agents in the system can agree on a single
source of truth, even if some agents fail. In other words, the
system must be fault-tolerant (see also: Byzantine Fault
Tolerance Explained).
In a centralized setup, a single entity has power over the
system. In most cases, they can make changes as they
please – there isn’t some complex governance system for
reaching consensus amongst many administrators.
But in a decentralized setup, it’s a whole other story. Say
we’re working with a distributed database – how do we reach
an agreement on what entries get added?
Overcoming this challenge in an environment where strangers
don’t trust each other was perhaps the most crucial
development paving the way for blockchains. In this article,
we’ll take a look at how consensus algorithms are vital to the
functioning of cryptocurrencies and distributed ledgers.
Consensus Algorithms and Cryptocurrency
In cryptocurrencies, users’ balances are recorded in a
database – the blockchain. It’s essential that everyone (or
more accurately, every node) maintains an identical copy of
the database. Otherwise, you’d soon end up with conflicting
information, undermining the entire purpose of the
cryptocurrency network.
Public-key cryptography ensures that users cannot spend
each other’s coins. But there still needs to be a single source
of truth that network participants rely on, to be able to
determine whether funds have already been spent.
Satoshi Nakamoto, the creator of Bitcoin, proposed a Proof of
Work system to coordinate participants. We’ll get into how
PoW works shortly – for now, we’ll identify some of the
common traits of the many consensus algorithms in existence.
Firstly, we require that users that want to add blocks (we’ll call
them validators) provide a stake. The stake is some kind of
value that a validator must put forward, which discourages
them from acting dishonestly. If they cheat, they’ll lose their
stake. Examples include computing power, cryptocurrency, or
even reputation.
Why would they bother risking their own resources? Well,
there’s also a reward available. This usually consists of the
protocol’s native cryptocurrency and is made up of fees paid
by other users, freshly-generated cryptocurrency units, or
both.
The last thing we need is transparency. We need to be able
to detect when someone is cheating. Ideally, it should be
costly for them to produce blocks, but cheap for anyone to
validate them. This ensures that validators are kept in check
by regular users.
Types of Consensus Algorithms
Proof of Work (PoW)
Proof of Work (PoW) is the godfather of blockchain consensus
algorithms. It was first implemented in Bitcoin, but the actual
concept has been around for some time. In Proof of Work,
validators (referred to as miners) hash the data they want to
add until they produce a specific solution.
A hash is a seemingly random string of letters and numbers
that’s created when you run data through a hash function. But,
if you run the same data through it again, you’ll always end up
with the same output. Change even one detail, though, and
your hash will be completely different.
Looking at the output, you can’t possibly tell what information
was fed into the function. They’re therefore useful for proving
that you knew a piece of data before a certain time. You can
give someone its hash, and when you later reveal the data,
that person can run it through the function to make sure the
output is the same.
In Proof of Work, the protocol sets out conditions for what
makes a block valid. It might say, for instance, only a block
whose hash begins with 00 will be valid. The only way for the
miner to create one that matches that combination is to brute-
force inputs. They can tweak a parameter in their data to
produce a different outcome for every guess until they get the
right hash.
With major blockchains, the bar is set incredibly high. To
compete with other miners, you would need a warehouse full
of special hashing hardware (ASICs) to be in with a chance of
producing a valid block.
Your stake, when mining, is the cost of these machines and
the electricity required to run them. ASICs are built for one
purpose, so they have no use in applications outside of
cryptocurrency mining. Your only way to recoup your initial
investment is to mine, which yields a significant reward if you
successfully add a new block to the blockchain.
It’s trivial for the network to verify that you have indeed
created the right block. Even if you’ve tried trillions of
combinations to get the right hash, they just need to run your
data through a function once. If your data produces a valid
hash, it will be accepted, and you’ll get a reward. Otherwise,
the network will reject it, and you’ll have wasted time and
electricity for nothing.
Proof of Stake (PoS)
Proof of Stake (PoS) was proposed in the early days of Bitcoin
as an alternative to Proof of Work. In a PoS system, there’s no
concept of miners, specialized hardware, or massive energy
consumption. All you need is a regular PC.
Well, not all. You still need to put some skin in the game. In
PoS, you don’t put forward an external resource (like
electricity or hardware), but an internal one – cryptocurrency.
Rules differ with every protocol, but there’s generally a
minimum amount of funds you must hold to be eligible for
staking.
From there, you lock up your funds in a wallet (they can’t be
moved while you’re staking). You’ll typically agree with other
validators on what transactions will go into the next block. In a
sense, you’re betting on the block that will be selected, and
the protocol will choose one.
If your block is selected, you’ll receive a proportion of the
transaction fees, depending on your stake. The more funds
you have locked up, the more you stand to gain. But if you
attempt to cheat by proposing invalid transactions, you’ll lose
a portion (or all) of your stake. Therefore, we have a similar
mechanism to PoW – acting honestly is more profitable
than acting dishonestly.
Generally, there aren’t freshly-created coins as part of the
reward for validators. The blockchain’s native currency must
thus be issued in some other way. This can be done either via
an initial distribution (i.e., an ICO or IEO) or by having the
protocol launch with PoW before later transitioning to PoS.
To date, pure Proof of Stake has only really been deployed in
smaller cryptocurrencies. Therefore, it’s unclear if it can serve
as a viable alternative to PoW. While it appears theoretically
sound, it will be very different in practice.
Once PoS is rolled out on a network with a large amount of
value, the system becomes a playing field of game theory and
financial incentives. Anyone with the know-how to “hack” a
PoS system would likely only do so if they could gain from it –
therefore, the only way to find out if it’s feasible is on a live
network.
We’ll soon see PoS tested on a large scale – Casper will be
implemented as part of a series of upgrades to the Ethereum
network (collectively known as Ethereum 2.0).
Other Consensus Algorithms
Proof of Work and Proof of Stake are the most-discussed
consensus algorithms. But there’s a wide variety of other
ones, all with their own advantages and disadvantages. Check
out the following articles:
Delayed Proof of Work Explained
Leased Proof of Stake Consensus Explained
Proof of Authority Explained
Proof of Burn Explained
Delegated Proof of Stake Explained
Hybrid PoW/PoS Consensus Explained
Closing Thoughts
Mechanisms for achieving consensus are vital to the
functioning of distributed systems. Many believe that the
greatest innovation in Bitcoin was the use of Proof of Work to
enable users to agree on a shared set of facts.
Consensus algorithms today underpin not only digital money
systems, but blockchains allowing developers to run code
across a distributed network. They’re now a cornerstone of
blockchain technology and are critical to the long-term viability
of the various networks in existence.
Of all of the consensus algorithms, Proof of Work remains the
dominant offering. An alternative that’s more reliable and more
secure has yet to be proposed. That said, there’s a
tremendous amount of research and development into
replacements for PoW, and we’re likely to see more of them
surface in the coming years.
What Is Proof of Work (PoW)?
Intermediate
Published Dec 6, 2018 | Updated Apr 18, 2024
10m
Key Takeaways
Proof of Work (PoW) is a consensus mechanism created to prevent double-spends in digital payment systems.
PoW is a key part of the mining process, which involves adding new blocks of transactions to the blockchain and creating new units of cryptocurrency.
Bitcoin and many other cryptocurrencies use PoW as a method for securing their blockchain network and data.
Introduction
In short, Proof of Work (PoW) is a mechanism created to
prevent double-spends in digital payment systems. Bitcoin and
many other cryptocurrencies use PoW as a method for
securing their blockchain network and data. Such mechanisms
are often referred to as consensus algorithms or consensus
mechanisms, because they involve multiple parties achieving
consensus without the need to trust one another.
Proof of Work was the first consensus algorithm to emerge,
and it remains one of the most important along with Proof of
Stake (PoS). PoW was introduced by Satoshi Nakamoto in the
2008 Bitcoin whitepaper, but the technology itself was
conceived long before then.
Adam Back’s HashCash is an early example of a Proof of
Work algorithm in the pre-cryptocurrency days. By requiring
senders to perform a small amount of computing before
sending an email, receivers could mitigate spam. This
computation would cost virtually nothing to a legitimate sender
but quickly add up for someone sending emails en masse.
What Is a Double-Spend?
A double-spend occurs when the same funds are spent more
than once. The term is used almost exclusively in the context
of digital money – after all, you’d have a hard time spending
the same physical cash twice.
When you pay for a coffee today, you hand cash over to a
cashier who probably locks it in a register. You can’t go to the
coffee shop across the road and pay for another coffee with
the same bill. However, in digital cash systems, there’s the
possibility that you could.
You’ve surely duplicated a computer file before using the
copy-and-paste commands. It’s also easy for you to email the
same file to dozens of people. Since digital money is just data,
you need to prevent people from double-spending, i.e.,
copying and spending the same units in different places. A
digital payment system that fails to prevent double-spending
will collapse in no time.
For a more in-depth look at double-spending, check out
Double Spending Explained.
Why Is Proof of Work Necessary?
If you’ve read our article about blockchain technology, you’ll
know that cryptocurrency users are constantly broadcasting
transactions to the network. These transactions aren’t
immediately considered valid, though. That only happens
when they get confirmed and added to the blockchain.
The Bitcoin blockchain, for example, works as a public
transaction database (ledger) that every user can see. Picture
it like this: you and three friends have a notepad to track your
bitcoin transactions. Anytime one of you wants to make a
transfer of value, you write it down:
Alice pays Bob 5 BTC; Bob pays Carol 2 BTC, etc.
But, each time you make a transaction, you refer to the
transaction from where the funds came. So, if Bob was paying
Carol with 2 BTC, the entry would actually look like the
following:
Bob pays Carol 2 BTC that came from this earlier transaction
with Alice.
Now, we have a way to track the units of BTC. If Bob tries to
make another transaction using the same 2 BTC he just sent
to Carol, everyone will know immediately. The group won’t
allow the transaction to be added to the notepad because
those 2 BTC were already spent.
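
The notepad rule described above, as an added example (not code from the article): every payment names the earlier entry its funds came from, and an entry whose funds were already spent is refused. The `Notepad` class, the starting balance for Alice, the payee "Dave" and the change-back-to-sender rule are assumptions made for the illustration.

```python
from dataclasses import dataclass, field


class LedgerError(Exception):
    """Raised when an entry breaks the notepad's rules."""


@dataclass
class Notepad:
    entries: list = field(default_factory=list)
    # (entry id, owner) -> whole BTC still unspent from that entry
    unspent: dict = field(default_factory=dict)

    def _record(self, sender, recipient, amount, source_id):
        self.entries.append((sender, recipient, amount, source_id))
        return len(self.entries) - 1

    def issue(self, recipient, amount):
        """Constructed starting balance so the first payer has funds."""
        entry_id = self._record(None, recipient, amount, None)
        self.unspent[(entry_id, recipient)] = amount
        return entry_id

    def pay(self, sender, recipient, amount, source_id):
        """Spend funds that `sender` received in entry `source_id`."""
        if sender == recipient:
            raise LedgerError("sender and recipient must differ")
        key = (source_id, sender)
        if key not in self.unspent:
            # Either the entry never paid this sender or it was spent already.
            raise LedgerError(
                f"{sender} has no unspent funds from entry {source_id}"
            )
        available = self.unspent[key]
        if not 0 < amount <= available:
            raise LedgerError(
                f"entry {source_id} holds {available} BTC, cannot pay {amount}"
            )
        del self.unspent[key]  # the referenced funds are consumed in full
        entry_id = self._record(sender, recipient, amount, source_id)
        self.unspent[(entry_id, recipient)] = amount
        if available > amount:  # the remainder returns to the sender as change
            self.unspent[(entry_id, sender)] = available - amount
        return entry_id

    def balance(self, owner):
        """Total unspent funds currently held by `owner`."""
        return sum(v for (_, who), v in self.unspent.items() if who == owner)


def replay_article_example():
    """Alice pays Bob 5 BTC, Bob pays Carol 2 BTC, then Bob tries again."""
    pad = Notepad()
    funding = pad.issue("Alice", 5)
    alice_to_bob = pad.pay("Alice", "Bob", 5, funding)
    bob_to_carol = pad.pay("Bob", "Carol", 2, alice_to_bob)
    try:
        pad.pay("Bob", "Dave", 2, alice_to_bob)  # same funds a second time
        double_spend_rejected = False
    except LedgerError:
        double_spend_rejected = True
    pad.pay("Bob", "Dave", 3, bob_to_carol)  # Bob's change is still spendable
    return pad, double_spend_rejected


if __name__ == "__main__":
    pad, rejected = replay_article_example()
    print("double spend rejected:", rejected)
    for name in ("Alice", "Bob", "Carol", "Dave"):
        print(name, pad.balance(name))
```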
Now, this might work well in a small group. Everyone knows
each other, so they’ll probably agree on which of the friends
should add transactions to the notepad. What if we want a
group of 10,000 participants? The notepad idea doesn’t scale
well, because nobody wants to trust a stranger to manage it.
This is where Proof of Work comes in. It ensures that users
aren’t spending money that they don’t have the right to spend.
By using a combination of game theory and cryptography, a
PoW algorithm enables anyone to update the blockchain
according to the rules of the system.
How Does PoW Work?
Imagine that our notepad from the example above is the
blockchain. But we don’t add transactions one by one –
instead, we lump them into blocks. We announce the
transactions to the network, and then users creating a block
will include them in a candidate block. The transactions will
only be considered valid once their candidate block becomes
a confirmed block, meaning that it has been added to the
blockchain database.
The process of validating transactions and appending new
blocks is called mining. It’s expensive and difficult, but it can
also be rewarding. The block reward is made of transaction
fees from users and brand new bitcoins created by the
protocol.
The Proof of Work mechanism requires that a miner (the user
creating the block) invests resources such as electricity and
computing power in order to hash their candidate block’s data
until a solution to a puzzle is found.
Hashing the block’s data means passing it through a hashing
function to generate a block hash. The block hash works like a
“fingerprint” – it’s an identity for your input data and is unique
to each block.
In other words, a miner has to verify and collect pending
transactions, organize them into a candidate block, and pass
the block’s data through a hashing function to create a valid
hash. If they manage to find a valid hash to their candidate
block, they broadcast it to the network, add the block to the
blockchain, and collect the mining rewards.
When a miner broadcasts their candidate block and hash to
the network, other network participants will repeat the hashing
process to verify that the output is indeed valid.
Although it takes countless hashing attempts to find a valid
hash, it’s trivial for anyone to confirm that the generated hash
is correct. They just have to submit the same input (block
data) through the hash function and check if the output is the
same.
In Proof of Work, you must provide data whose hash matches
certain conditions. But you don’t know how to get there. Your
only option is to pass your data through a hash function and to
check if it matches the conditions. If it doesn’t, you’ll have to
change your data slightly to get a different hash. Changing
even one character in your data will result in a totally different
result, so there’s no way of predicting what an output might
be.
As a result, if you want to create a block, you’re playing a
guessing game. You typically take information on all of the
transactions that you want to add and some other important
data, then hash it all together. But since your dataset won’t
change, you need to add a piece of information that is
variable. Otherwise, you would always get the same hash as
output. This variable data is what we call a nonce. It’s a
number that you’ll change with every attempt, so you’re
getting a different hash every time.
Summing up, mining is the process of gathering blockchain
data and hashing it along with a nonce until you find a
particular hash. If you find a hash that satisfies the conditions
set out by the protocol, you get the right to broadcast the new
block to the network. At this point, the other participants of the
network update their blockchains to include the new block.
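The nonce search and the one-hash verification described above, as an added example that is not code from the article or from any Bitcoin implementation. It assumes SHA-256, an 8-byte nonce appended to the block data, and a condition of the form "hash below a target"; all function names are hypothetical.

```python
import hashlib


def block_hash(block_data: bytes, nonce: int) -> bytes:
    """Hash the fixed block data together with the variable nonce."""
    return hashlib.sha256(block_data + nonce.to_bytes(8, "big")).digest()


def meets_target(digest: bytes, difficulty_bits: int) -> bool:
    """Assumed condition: the hash, read as a 256-bit number, is below a target.

    Each extra difficulty bit halves the target, so it doubles the expected
    number of guesses a miner needs.
    """
    target = 1 << (256 - difficulty_bits)
    return int.from_bytes(digest, "big") < target


def mine(block_data: bytes, difficulty_bits: int, max_nonce: int = 2**32):
    """Try nonces in order until one yields a valid hash; None if none does."""
    for nonce in range(max_nonce):
        if meets_target(block_hash(block_data, nonce), difficulty_bits):
            return nonce
    return None


def verify(block_data: bytes, nonce: int, difficulty_bits: int) -> bool:
    """What every other participant does: a single hash and a comparison."""
    return meets_target(block_hash(block_data, nonce), difficulty_bits)


if __name__ == "__main__":
    # Constructed sample data, not a real block.
    candidate = b"prev=<placeholder>|Alice->Bob:5|Bob->Carol:2"
    bits = 16  # about 65,000 guesses on average
    nonce = mine(candidate, bits)
    print("nonce found:", nonce)
    print("hash:", block_hash(candidate, nonce).hex())
    print("verifies:", verify(candidate, nonce, bits))
    # Editing the block after the fact changes the hash, so the old nonce
    # no longer proves any work and the search has to start again.
    tampered = candidate.replace(b"Carol:2", b"Carol:9")
    print("tampered block verifies:", verify(tampered, nonce, bits))
```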
For major cryptocurrencies today, the conditions are incredibly
challenging to satisfy. The higher the hash rate on the
network, the more difficult it is to find a valid hash. This is
done to ensure that blocks aren’t found too quickly.
As you can imagine, trying to guess massive amounts of
hashes can be costly on your computer. You’re wasting
computational cycles and electricity. But the protocol will
reward you with cryptocurrency if you find a valid hash.
Let’s recap what we know so far:
- Mining is difficult and expensive but provides security to
  the network.
- Miners who manage to produce a valid block are
  rewarded with newly issued cryptocurrencies and
  transaction fees.
- Generating a valid hash takes time, but other users can
  easily check its validity by repeating the hashing
  process.
So far, so good. But what if you try to cheat? What’s to stop
you from putting a bunch of fraudulent transactions into the
block and producing a valid hash?
That’s where public-key cryptography comes in. We won’t go
into depth in this article, but check out What is Public-Key
Cryptography? for a comprehensive look at it. In short, there
are some neat cryptographic tricks that allow any user to verify
whether someone has the right to move the funds they’re
attempting to spend.
When you create a transaction, you sign it. Anyone on the
network can compare your signature with your public key and
check whether they match. They’ll also check if you can
actually spend your funds and that the sum of your inputs is
higher than the sum of your outputs (i.e., that you’re not
spending more than you have).
Any block that includes an invalid transaction will be
automatically rejected by the network. It’s expensive for you to
even attempt to cheat. You’ll waste your own resources
without any reward.
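The notepad rule from earlier (each payment names the earlier transaction its funds came from) and the checks listed above, as an added example that is not code from the article. The `Tx` and `Ledger` names are hypothetical, amounts are whole units, and a simple owner comparison stands in for the signature check.

```python
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple[tuple[str, int], ...]   # (earlier txid, output index)
    outputs: tuple[tuple[str, int], ...]  # (recipient, amount)


class Ledger:
    def __init__(self) -> None:
        # Every output that has not been spent yet: reference -> (owner, amount)
        self.unspent: dict[tuple[str, int], tuple[str, int]] = {}

    def issue(self, txid: str, recipient: str, amount: int) -> None:
        """Create new funds (stands in for a block reward)."""
        self.unspent[(txid, 0)] = (recipient, amount)

    def reject_reason(self, tx: Tx, spender: str) -> str | None:
        """Return why the transaction is invalid, or None if it is valid."""
        seen = set()
        total_in = 0
        for ref in tx.inputs:
            if ref in seen or ref not in self.unspent:
                return "input missing or already spent"
            seen.add(ref)
            owner, amount = self.unspent[ref]
            if owner != spender:  # assumption: replaces signature verification
                return "input not owned by spender"
            total_in += amount
        if any(amount <= 0 for _, amount in tx.outputs):
            return "non-positive output"
        # Inputs must cover outputs; any surplus is the fee.
        if sum(amount for _, amount in tx.outputs) > total_in:
            return "outputs exceed inputs"
        return None

    def apply(self, tx: Tx, spender: str) -> str:
        reason = self.reject_reason(tx, spender)
        if reason is not None:
            return "rejected: " + reason
        for ref in tx.inputs:
            del self.unspent[ref]  # spent outputs can never be referenced again
        for index, (recipient, amount) in enumerate(tx.outputs):
            self.unspent[(tx.txid, index)] = (recipient, amount)
        return "accepted"


if __name__ == "__main__":
    ledger = Ledger()
    ledger.issue("tx0", "Alice", 5)  # constructed sample data
    steps = [
        (Tx("tx1", (("tx0", 0),), (("Bob", 2), ("Alice", 3))), "Alice"),
        (Tx("tx2", (("tx1", 0),), (("Carol", 2),)), "Bob"),
        (Tx("tx3", (("tx1", 0),), (("Dave", 2),)), "Bob"),  # same 2 units again
    ]
    for tx, spender in steps:
        print(tx.txid, ledger.apply(tx, spender))
```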
Therein lies the beauty of Proof of Work: it makes it
expensive to cheat but profitable to act honestly. Any
rational miner will be seeking a return on their investment, so
they can be expected to behave in a way that is more likely to
bring revenue.
Proof of Work (PoW) vs. Proof of Stake (PoS)
There are many consensus algorithms besides PoW, but one
of the most popular is Proof of Stake (PoS). The concept
dates back to 2011 and has been implemented in Ethereum
and several other protocols.
In Proof of Stake systems, miners are replaced with validators.
There’s no mining involved and no race to guess hashes.
Instead, users are randomly selected – if they’re picked, they
must propose (or “forge”) a block. If the block is valid, they’ll
receive a reward made up of the fees from the block’s
transactions.
Not just any user can be selected, though – the protocol
chooses them based on a number of factors. To be eligible,
participants must lock up a stake, which is a predetermined
amount of the blockchain’s native currency. The stake works
like bail: just as defendants put up a large sum of money to
disincentivize them from skipping trial, validators lock up a
stake to disincentivize cheating. If they act dishonestly, their
stake (or a portion of it) will be taken.
Proof of Stake does have some benefits over Proof of Work.
The most notable one is the smaller carbon footprint – since
there’s no need for high-powered mining farms in PoS, the
electricity consumed is only a fraction of that consumed in
PoW.
That said, PoS doesn’t have the same track record as PoW.
Although it could be perceived as wasteful, mining is the only
consensus algorithm that’s been battle-tested for over a
decade. Since its launch, Bitcoin’s PoW has secured trillions
of dollars worth of transactions. To say with certainty whether
PoS can rival its security, staking needs to be properly tested
in the long term.
Closing Thoughts
Proof of Work was the original solution to the double-spend
problem and has proven to be reliable and secure. Bitcoin
proved that we don’t need centralized entities to prevent the
same funds from being spent twice. With clever use of
cryptography, hash functions, and game theory, participants in
a decentralized environment can agree on the state of a
financial database.
Further Reading
What Is Cryptocurrency Mining and How Does It Work?
What Is Public Key Cryptography?
What Is a Blockchain Consensus Algorithm?
https://academy.binance.com/en/articles/proof-of-work-explained
Hybrid PoW/PoS Consensus Explained
Intermediate
Published Mar 24, 2019, Updated Aug 7, 2023
9m
Author: Richard Red, Decred contributor.
A blockchain’s consensus mechanism serves to ensure that
there is agreement among participants on the current state of
the blockchain. The consensus mechanism determines who is
able to add new blocks of transactions, and one of its primary
aims is to ensure that the chain is not re-written.
Proof of Work consensus
Blockchains with pure Proof of Work consensus (like Bitcoin)
can only have new blocks added by miners, who deploy
hardware that efficiently guesses the answer to a
mathematical problem. Each time a miner makes a valid
guess, they can construct a block that the network accepts.
While miners can choose to mine any chain, the network will
only accept the chain with the most accumulated Proof of
Work (i.e., the most hashes, or guesses) as the legitimate
chain. This means that miners are incentivized to mine on the
longest chain, and when they see a valid new block, they will
try to find the solution for the next block that allows them to
build on top of the previous one.
The difficulty of re-writing the blockchain is what allows it to
function as a ledger for financial transactions. When a
transaction appears in a block that sends coins to a wallet,
and several blocks have been built on top of that block
(confirmations), it becomes unlikely that the block (and
transaction) will be re-written.
If an entity controls enough hashing power to surpass the
“honest chain,” it can re-write (or reorganize) the blockchain
by mining on an “old” block instead of on the latest block.
Here’s a simplified account of this kind of attack, also known
as a 51% attack:
The attacker spends in block X by sending to an exchange,
then starts mining a parallel chain in private (blocks are not
broadcast to the network). Once the required number of
confirmations have passed, the attacker trades the coins for
something else and withdraws that from the exchange. When
the withdrawal clears, they release the parallel chain, and if it
has more PoW (blocks) than the original chain, the network
will accept it as the legitimate chain and the version of history
represented by the original chain (including the attacker’s
deposit) will disappear. The attacker is then free to spend
these coins again.
As miners are the only entities that can directly add blocks to
the chain in pure PoW cryptocurrencies, this grants them a
strong role in governance. For any change to the network’s
consensus rules to be adopted, it must have the support of a
majority of hash power. “Soft forks” require enough miners to
recognize a new rule set so users can transact and expect
their transactions to be properly processed and included in
blocks. “Hard forks” would split the network into two
components, and by the commonly accepted rule of “the chain
with most PoW is the right chain to follow,” miners would
decide which one is accepted as legitimate.
Proof of Stake consensus
Proof of Stake consensus is an alternative method of deciding
who can add new blocks and verify the current state of the
blockchain. Instead of miners competing to solve a problem,
with proof of stake, the next block producer is determined by
some process based on the number of coins held in wallets
(or “staked”). This process trusts that those with the most
stake will make responsible decisions for the entirety of the
network.
Proof of Stake consensus eliminates the need for energy-
intensive mining, but the lack of significant energy expenditure
creates another problem, sometimes referred to as “nothing at
stake.” In the case of a forked chain, PoS forgers (“forging” is
generally used instead of “mining”) are incentivized to validate
blocks on both chains because it costs them very little to work
on an extra chain and they can collect rewards on both chains.
This is a problem for the network because there is only
supposed to be one chain and agreeing on the state of that
single chain is the whole purpose of the consensus
mechanism.
Proof of Stake has an additional problem with regard to the
distribution of tokens. PoW miners have significant costs
(hardware, electricity) and must typically sell a significant
portion of their mined coins to meet those costs. As a result,
many mined coins are available to purchase on the market,
rather than being hoarded by miners. Proof of Stake forgers
have very low operational costs, so do not have the same
pressure to sell the coins they receive for maintaining the
network. Large holders who engage in Proof of Stake tend to
increase their share of the circulating coins as they collect
block rewards and transaction fees from users of the network.
This has been likened to feudalism, whereby the network is
effectively owned and operated by coin holders, and users pay
them a kind of rent for using it. There is usually some cut-off
beneath which it is not possible to participate directly in Proof
of Stake.
Hybrid PoW/PoS
The objective of hybrid Proof of Work and Proof of Stake
systems is to capture the benefits of the respective
approaches and use them to balance each other’s
weaknesses. Decred is among the few cryptocurrencies to
utilize both PoW and PoS in recognizable forms and merge
them together to produce a multi-factor or hybrid consensus
mechanism.
“Masternode coins” are, in some senses, also hybrids, in that
they have a recognizable Proof of Work component that
performs a similar role as in Bitcoin, and an additional role for
special nodes. There is typically a requirement that these
special nodes hold a certain amount of the currency as
collateral, to demonstrate that they can be trusted to act in the
network’s best interests, which is similar to the rationale for
Proof of Stake. Dash is the original masternode coin and
refers to this model as Proof of Service. This article focuses
on hybrids with a Proof of Stake component, and will not
consider the array of coins which emulate masternodes or
Proof of Service.
Decred’s PoW component works similarly to other PoW-based
projects and uses the Blake-256 hash function. Decred’s PoS
component, and the way it is woven into the chain, is quite
unique and worthy of further explanation.
To participate in Decred’s Proof of Stake, holders must time-
lock their DCR to buy “tickets.” The price for an individual
ticket is set by a market-like mechanism whereby the system
is aiming for a set number of live tickets (40,960) - if there are
more than the target number the price goes up, if there are
fewer it goes down. When someone buys a ticket, the DCR they
used is locked (i.e., they cannot spend it) until their ticket is
pseudorandomly called to vote, or until it expires after around
142 days. This introduces an opportunity cost for PoS,
intended to ensure that PoS voters have skin in the game and
act in the network’s best interests.
PoS participants (also referred to as voters or stakeholders)
have three distinct roles to play: block voting, voting on
changes to the consensus rules, and voting on project level
management using the Politeia Proposal System. The first of
these, “block voting,” is the way in which PoS voters engage
most directly in maintaining consensus.
Voting on blocks
When a PoW miner finds a valid block, they broadcast it on
the network, but in order for that block to be considered valid,
it must include votes by at least 3 of 5 randomly selected
tickets. PoS voters keep wallets open and ready to respond
with votes when their tickets are called (or they engage Voting
Service Providers to do this on their behalf). When a PoS
ticket is called to vote and responds, its owner receives a
reward.
When tickets are called, they vote to accept or reject the
regular transactions of the previous block. Nodes on the
network will not recognize a new block as valid until it includes
at least 3 votes. If a majority of the tickets called to vote reject
the previous block’s transactions, then they are returned to the
mempool. These regular transactions include the PoW miner’s
reward, but not the PoS voters’ reward.
Therefore, PoS voters have the power to strip rewards from
miners without affecting their own rewards. This limits the
power of PoW miners to veto changes to the network’s
consensus rules, which are voted by the stakeholders. In fact,
PoS voters can reject any kind of miner behavior that they
dislike by adopting a policy of voting “no” when malicious or
inefficient behavior is detected - preventing bad PoW miners
from writing transactions and receiving rewards.
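The block-voting rule described above, as an added example that is not Decred's code. The hash-seeded draw in `call_tickets` is a simplified stand-in for Decred's ticket lottery, all names are hypothetical, and "a majority of the tickets called" is read literally as more than half of the five called tickets.

```python
from __future__ import annotations

import hashlib

TICKETS_CALLED = 5  # tickets selected per block (from the article)
MIN_VOTES = 3       # votes a block must include to be valid (from the article)


def call_tickets(block_hash: bytes, live_tickets: list[str]) -> list[str]:
    """Derive the called tickets from the block hash.

    Assumption: because the draw depends only on the block hash and the live
    ticket pool, every node computes the same five tickets and the miner
    cannot choose who votes.
    """
    pool = sorted(set(live_tickets))
    called = []
    counter = 0
    while pool and len(called) < TICKETS_CALLED:
        digest = hashlib.sha256(block_hash + counter.to_bytes(4, "big")).digest()
        called.append(pool.pop(int.from_bytes(digest, "big") % len(pool)))
        counter += 1
    return called


def evaluate_votes(called: list[str], votes: list[tuple[str, bool]]) -> dict:
    """Check the votes included in a new block.

    votes: (ticket id, approves the previous block's regular transactions).
    Votes from tickets that were not called, and repeated votes from the
    same ticket, are ignored.
    """
    counted: dict[str, bool] = {}
    for ticket, approves in votes:
        if ticket in called and ticket not in counted:
            counted[ticket] = approves
    rejections = sum(1 for approves in counted.values() if not approves)
    block_valid = len(counted) >= MIN_VOTES
    return {
        "votes_counted": len(counted),
        "block_valid": block_valid,
        # The miner's reward is among the transactions that get returned.
        "previous_txs_returned_to_mempool": block_valid
        and rejections * 2 > TICKETS_CALLED,
    }


if __name__ == "__main__":
    live = [f"ticket-{i:02d}" for i in range(20)]  # constructed ticket pool
    called = call_tickets(b"constructed-block-hash", live)
    print("called:", called)
    print(evaluate_votes(called, [(t, True) for t in called[:2]]))
    print(evaluate_votes(called, [(t, False) for t in called[:3]]))
```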
This PoS verification layer significantly boosts the network’s
security and resistance to majority attacks. The common
method of conducting a majority double spend attack is to
rewrite the blockchain by mining an alternative chain in secret
then releasing it after a certain period of time and taking
advantage of the nullification of transactions in the “old” chain
(i.e., by double spending their inputs). As Decred blocks
require input from randomly selected tickets to be considered
valid and cannot be built on by PoW miners until they have
received this input, it is not possible for PoW miners to mine in
secret unless they also control a significant proportion of the
live tickets (see these articles).
The hybrid PoW/PoS design significantly increases the costs
of attacking the network because there are two distinct
systems which must be circumvented by an attacker. The PoS
component, in particular, is configured such that tickets can
only be acquired quite slowly. A limited number of tickets can
be bought in each block/interval, and buying the maximum
number causes the price to increase sharply. Additionally,
once these tickets have been purchased, the funds used to
buy them will be time-locked, leaving an attacker exposed to
any devaluation of their locked coins that occurred as a result
of an attack.
The requirement that each block is voted on by randomly
selected stakeholders means that the blockchain must be
shared with all participants as it is mined, enhancing the
network’s security. Decred’s hybrid system has been designed
to also grant stakeholders power over the PoW miners.
Consensus change voting
Decred decided at its outset to make PoS stakeholders the
dominant decision-making force in the blockchain’s
governance. Written into the consensus rules is an upgrade
ratification procedure through which any change to the
network’s consensus rules can only be deployed once it has
passed through a voting process. Changes can only be made
if approved by at least 75% of the voting tickets. This process
begins once a certain proportion of miners (95%) and voters
(75%) are running upgraded software with latent changes to
the rules. If the proposal has 75% support after a 4-week
voting period, it is accepted; otherwise, it is rejected, and if it
does not have either supermajority, a re-vote begins. If a
proposal is accepted the rule change activates one month
later.
Project management: Politeia
Decred’s block rewards are split between PoW miners (60%),
PoS voters (30%), and a Treasury (10%) to fund development
of open source software that furthers the project’s aims. Ticket
holders have sovereignty to vote on how this fund should be
spent, what features should be added, and to determine policy
through the Politeia platform.
Closing thoughts
As PoS voters receive 30% of the block reward, they cannot
maintain their relative share of circulating DCR simply by
staking. The majority of newly minted DCR goes to PoW
miners in exchange for the role they play in securing the
network and mitigating the “nothing at stake” problem of pure
PoS systems. Miners would typically have to sell a significant
portion of the rewards they receive to meet their operational
costs, ensuring that a fair supply of DCR is available in the
market.
Decred’s blockchain presents unique architecture and is one
of the most notable examples of a hybrid PoW/PoS system.
In the same way that projects with PoS consensus are a
general grouping with significant variations within, future
projects which deploy hybrid PoW/PoS approaches will also
be unique and will not necessarily follow the Decred
framework.
Delayed Proof of Work Explained
Intermediate
Published Dec 3, 2018, Updated Aug 17, 2023
4m
Delayed Proof of Work (dPoW) is a security mechanism
designed by the Komodo project. It is basically a modified
version of the Proof of Work (PoW) consensus algorithm that
makes use of Bitcoin blockchain’s hashpower as a way to
enhance network security. By using dPoW, Komodo
developers are able to secure not only their own network but
also any third-party chain that ends up joining the Komodo
ecosystem in the future. In fact, dPoW can be implemented for
any project that develops an independent blockchain using a
UTXO model.
How does dPoW work?
Taking Komodo as one example, the dPoW security
mechanism was developed and implemented into the Zcash
code base, allowing zero-knowledge privacy and increasing
network security by leveraging Bitcoin’s hash rate.
At intervals of ten minutes, the Komodo system takes a
snapshot of its own blockchain. Then, the snapshot is written
into a block on the Bitcoin network in a process called
notarization. Basically, this process creates a backup of the
entire Komodo system, which is saved within the Bitcoin
blockchain.
Technically speaking, Komodo’s community-elected notary
nodes write a block hash from every dPoW-protected
blockchain onto the Komodo ledger, by executing a
transaction on the Komodo chain. Using the OP_RETURN
command, the notary nodes store a single block hash onto the
Komodo chain.
The reason why the notary nodes select a block hash that is
about ten minutes old is to ensure that the entire network
agrees the block is valid. Each blockchain's network still
comes to consensus for each block. The notary nodes simply
record a block hash from a previously-mined block.
Then, the notary nodes write a block hash from the Komodo
chain onto the Bitcoin ledger. This process is also completed
by executing a BTC transaction and using OP_RETURN to
write the data into a block on the Bitcoin chain.
Once this notarization to Bitcoin occurs, Komodo's notary
nodes write that block data from the BTC chain back onto the
chain of every other protected chain. At this point, the network
will not accept any re-organizations that attempt to change a
notarized block (or any blocks that were created prior to the
most recently-notarized block).
Currently, dPoW is being used with Bitcoin, but it has the
potential to be used as a tool for leveraging both the security
and the features of any other blockchain that uses a UTXO
model.
PoW vs dPoW
One of the main goals of the Proof of Work (PoW) algorithm is
to maintain network security, deterring cyber attacks such
as Distributed Denial-of-Service attacks (DDoS). In a few
words, the PoW algorithm relies on a piece of data that is very
costly to produce but easy for others to verify, and that data is a
crucial element of the mining process.
The mining within PoW-based blockchains is very demanding
by design. Miners need to solve a complex cryptographic
puzzle in order to be able to mine a new block. Such a
process involves intense computational work, which is very
costly in terms of hardware and electricity. The process of
mining not only protects the network from external attacks but
also verifies the legitimacy of transactions and generates new
cryptocurrency units (as a reward to the miner that solves the
puzzle).
Therefore, one of the reasons Proof of Work blockchains are
secure is the fact that the mining process involves a very high
financial investment and depends on network consensus.
However, it is important to note that the security of PoW
blockchains is directly related to the amount of computational
power (hash rate) being devoted to them, meaning that small
blockchain networks are not as secure as large ones.
In contrast to PoW, dPoW is not used to achieve consensus
on new blocks and, thus, is not considered a consensus
algorithm. Instead, it is a security mechanism that is
implemented in addition to ordinary PoW consensus rules.
DPoW makes it impossible for blocks that have been
notarized to be reorganized, which means it makes
blockchains far more secure and resistant to 51% attacks.
In effect, dPoW "re-sets" a blockchain's consensus rules every
time a block is notarized. For instance, most PoW chains use
the "longest chain rule." So each time a blockchain's network
receives confirmation that block XXX,XX1 has been notarized,
the longest chain rule starts over at block XXX,XX2. The
network will not accept a chain that begins at block XXX,XX0
or prior, even if it is the longest one.
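How a node's fork choice changes once a block is notarized, as an added example that is not Komodo's code: the plain longest chain rule accepts a longer chain that rewrites history, while the dPoW rule keeps the current chain. Chains are lists of block hashes indexed by height, block count stands in for accumulated work, and all names are hypothetical.

```python
from __future__ import annotations

import hashlib


def extend(chain: list[str], payloads: list[str]) -> list[str]:
    """Return a new chain with one hash-linked block appended per payload."""
    out = list(chain)
    for payload in payloads:
        prev = out[-1] if out else "genesis"
        out.append(hashlib.sha256(f"{prev}|{payload}".encode()).hexdigest())
    return out


def fork_height(current: list[str], candidate: list[str]) -> int:
    """First height at which the two chains differ."""
    for height, (ours, theirs) in enumerate(zip(current, candidate)):
        if ours != theirs:
            return height
    return min(len(current), len(candidate))


def choose_chain(current: list[str], candidate: list[str],
                 notarized_height: int | None = None) -> tuple[list[str], str]:
    """Longest chain rule, restarted after the last notarized block.

    With notarized_height=None this is the plain longest chain rule.
    """
    if len(candidate) <= len(current):
        return current, "kept: candidate is not longer"
    if notarized_height is not None:
        if notarized_height >= len(current):
            raise ValueError("notarized block is not in the current chain")
        # A candidate that differs at or below the notarized height would
        # change a notarized block or an earlier one.
        if fork_height(current, candidate) <= notarized_height:
            return current, "kept: candidate rewrites a notarized block"
    return candidate, "switched: candidate is longer"


if __name__ == "__main__":
    # Constructed chains: heights 0..6 on the public chain, notarized at 4.
    base = extend([], [f"public-{i}" for i in range(4)])
    public = extend(base, ["public-4", "public-5", "public-6"])
    # A longer competing chain that diverges at height 3.
    competing = extend(base[:3], [f"other-{i}" for i in range(6)])
    print(choose_chain(public, competing)[1])
    print(choose_chain(public, competing, notarized_height=4)[1])
```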
Closing thoughts
The delayed Proof of Work security mechanism allows for
frequent backups to ensure that in the event of a system
failure or successful hack, the entire data can be quickly
recovered. For a hack to successfully cause lasting damage
the attacker would have to take down the Bitcoin network as
well, destroying all of the snapshots that were backed up
within the Bitcoin blockchain.
For those who would like to learn more about delayed Proof of
Work, please check Komodo's Blockchain Security Service
page.