Blockchain technology is designed to create a distributed, decentralized and immutable digital ledger. Each node in the blockchain network maintains its own copy of the distributed ledger and updates it after verifying the authenticity of each new block.
The complete independence of blockchain nodes is useful for resiliency and implementing a largely trustless system but becomes a problem when it comes to keeping the network synchronized. Without a centralized authority, there is no one to rubber-stamp the official version of each block in the blockchain.
This is where blockchain consensus algorithms come in. They define a means of selecting the next block creator and arbitrating disputes between conflicting versions of the blockchain in a decentralized fashion. Their security is vital to the security of the blockchain, since a node with control over the block creation process controls the historical record of the blockchain network.
How consensus algorithms work
Blockchain algorithms are based on the principle of “security via scarcity.” In a blockchain consensus algorithm, the more of a scarce resource (such as computational power or cryptocurrency) that you control, the more often you will be selected to create a block (and earn the associated block reward).
The use of a scarce resource for controlling power on the blockchain is necessary due to the potential for malicious accounts on the blockchain. Most blockchains are anonymous, allowing anyone to create an account. This makes a “one account, one vote” approach unusable, since a bad actor could simply create many accounts.
The use of a scarce resource also brings economic protections into play for the blockchain. As shown in the supply and demand curve above, as the demand for a scarce resource increases, so does the price. An attacker attempting to increase their control of a blockchain increases the demand for the scarce resource. Hopefully, the increased price will make it financially infeasible to collect enough of the resource to effectively attack the network.
The longest chain rule
Consensus algorithms also have a mechanism for dealing with competing versions of the blockchain called the longest chain rule. If an honest node is presented with two versions of the blockchain, it should accept the one that took the most work to build (or is the “longest” chain”). This means that the official version of the distributed ledger can change.
Common consensus algorithms
A number of different consensus algorithms have been created based on these principles. Two of the more commonly used consensus algorithms are Proof of Work and Proof of Stake.
Proof of Work
Proof of Work is the original consensus algorithm developed by Satoshi Nakamoto for the Bitcoin blockchain. It uses computational power as its scarce resource.
It accomplishes this by defining a valid block as one whose header hashes to a value less than a set threshold. Since hash functions are collision-resistant, the best way of finding a valid block is a brute-force “guess and check” approach.
The more computational resources that a node controls, the more guesses it is able to make within a given period of time. This means that control over computing power directly correlates to control over a Proof of Work blockchain.
Attacking Proof of Work
The Proof of Work consensus algorithm has a built-in vulnerability: it is based on majority vote (where votes are computational resources). This means that an attacker with control over the majority of the network’s computational resources has complete control over the blockchain since they can find valid blocks faster than anyone else. This 51% attack is mitigated largely by having a blockchain network with a large amount of computational resources, making it too expensive to acquire a majority of them.
Attacks against the Proof of Work consensus algorithm are largely designed to achieve the goals of a 51% attack without controlling the majority of the blockchain’s computational resources. Examples include:
Selfish mining: Blockchain blocks are built on top of one another, so the next block can’t be created until the previous one is known. Selfish miners will not immediately reveal a block once they discover it, giving them a head start in finding the next one
SPV mining: Blockchain miners must verify that none of the transactions in the block they are creating conflict with previous blocks. SPV miners will create a block only containing the transaction paying them the block reward, eliminating this step and providing a head start
Proof of Stake
The Proof of Stake consensus algorithm is designed to eliminate the high computational usage of Proof of Work. In Proof of Stake, the scarce resource is the blockchain’s cryptocurrency.
Proof of Stake block forgers promise not to spend some of their cryptocurrency or “stake” it in exchange for the chance of being selected as a block creator. The probability of being selected as a block creator is proportional to the percentage of the staked cryptocurrency belonging to a given node.
The Proof of Stake consensus algorithm can also be attacked. Some example attack vectors include:
XX% attack: An attacker with control of 51% of a Proof of Work network’s computational resources controls block creation. While this isn’t true of Proof of Stake, controlling a large percentage of the staked resources can provide a high level of control
Long-range attack: A long-range attacker attempts to build a competing version of the blockchain, creating blocks whenever they are selected as block creator. Over time, they can control all of the stake in their version and have it grow faster than the main chain, enabling it to replace it under the longest chain rule
Nothing at stake problem: When presented with two versions of the blockchain, a Proof of Stake block forger is incentivized to build on both, potentially extending malicious versions of the blockchain
Securing the blockchain
Consensus algorithms are vital to blockchain security; however, they can be attacked in a number of different ways. Understanding potential threats to consensus security is essential to securing the blockchain.