The third step of the Bitcoin consensus mechanism is to check each new block independently through each node in the network. When the new block spreads in the network, each node will perform a series of tests to verify it before each node is forwarded to its node. This ensures that only effective blocks will spread in the network. Ser independent verification also ensures that the blocks generated by honest miners can be included in the blockchain to get rewards. The blocks generated by the dishonesty of the behavior will be rejected, which will not only lose the reward, but also waste the opportunity to find a solution to the workload, which leads to its loss of electricity bills. Is when a node receives a new block, it will verify the block against a long standard list. If it is not verified, this block will be rejected. These standards can obtain of the functions and functions of the core client of Bitcoin. This is because each node checks the block according to the same rules. A invalid Coinbase transaction will invalidate the entire block, which will cause the block to be rejected, so the transaction will not become part of the general ledger. Miners must build a perfect block, based on all nodes sharing rules, and mining according to the solution of the correct workload certificate. They cost a lot of electric mining to do this. If they cheat, all electricity and efforts will be wasted. This is why independent verification is an important part of decentralized consensus. The last step of the centralized consensus mechanism of Bitcoin is to gather blocks into the chain with the maximum workload certificate. Once a node verifies a new block, it will try to connect the new block to the existing blockchain and assemble them. If nodes to maintain three types of blocks: the first is connected to the main chain, and the second is to produce branches from the main chain (spare chain). The last one is not found in the known chain Knowing father's block. During the verification process, once it is found that there is a place that does not meet the standard, the verification will fail, so that the block will be rejected by the node, so it will not be added to any chain. The main chain is the most difficult blockchain. Under normal circumstances, the main chain is also the chain containing the most blocks, unless there are two equal chains and one of them have more workload proof. There will also be some branches in the main chain. The blocks in these branches and the blocks on the main chain are "brothers" blocks. These blocks are effective, but not part of the main chain. The purpose of retaining these branches is that if one of them is extended at some point in the future and exceeds the main chain on the difficulty value, the subsequent blocks will be referenced. If the node receives an effective block, but not found its father's block in the existing blockchain, then this block is considered a "lone block". The lonely blocks will be stored in the lone pond until their father's block is received by nodes. Once you receive the parent block and connect it to the existing blockchain, the node will take out the lone block from the lone block and connect it to its parent block, so that it will be used as part of the blockchain. When the two blocks are dug out in a short time interval, the nodes may receive them in the opposite order, and the lone block will appear at this time. After selecting the maximum difficult blockchain, all nodes finally reached consensus on the entire network. As more workload proves to be added to the chain, the temporary differences of the chain will eventually be resolved. The mining node selects the blockchain they want to extend through "voting". When they dig out a new block and extend a chain, the new block itself represents their voting. Because the blockchain is a decentralized data structure, it cannot always be consistent between different copies. Blocks may reach different nodes at different times, causing the nodes to have different blockchain. The solution is that each node always chooses and tries to extend the blockchain that has accumulated the maximum workload, which is the longest or maximum cumulative chain. Through the workload of each block on the accumulated chain, the total amount of workload to establish this chain to establish this chain is obtained. As long as all nodes choose the longest and accumulated blockchain, the entire Bitcoin network will eventually converge to a consistent state. The split is the temporary difference between different blockchains. When more blocks are added to a bifurcation, this problem will be solved. This reminder that the blockchain fork described in this section will occur automatically due to the delay of transmission in the global network. , the block of the inverted triangle will not be discarded. It is linked to the father's block of the star chain and forms a spare chain. Although the node X believes that it has selected the winning chain correctly, it will also save the "loss" chain, so that if the "loss" chain may eventually "win", it also has the required information for re -packaging. This is a re -consensus of a chain, because these nodes are forced to modify their position on the blockchain and incorporate themselves into a longer chain. Any miner who is engaged in an extension-inverted triangle will now stop the job because their candidates are "orphan" because their parents "inverted triangle" are no longer the longest chain. The transaction in the "inverted triangle" is re -inserted into the memory pool to include in the next block, because the block they are no longer in the main chain. The entire network returned to a single chain state, star-triangular-diamond-shaped, "diamond" became the last block in the chain. All miners immediately started to study the candidate block of the "diamond shape" as the parent block to expand this star-triangular-diamond-shaped chain. Theoretically, the fork of the two blocks is possible. This situation occurs in the miners who are opposed to each other due to the previous fork, and almost discover the solution of two different blocks at the same time. However, the chance of this situation is very low. Single block splitting occurs every week, while double blocks are very rare. The Bitcoin interval is designed to 10 minutes, which is a compromise made between faster trading confirmation and lower bull probability. The shorter block of blocks will make the transaction liquidation faster and also lead to a more frequent blockchain fork. In contrast, the longer interval will reduce the number of bits, but it will lead to a longer liquidation time. Since 2012, Bitcoin mining has developed a solution to solve the basic structural restrictions of the block head. In the early days of Bitcoin, miners can dig out a block by having a haSh that meets the requirements by traversing. After the difficulty increased, the miners often did not produce after trying 4 billion yuan. However, this is easy to solve by reading the timestamp of the block and calculating the time. Because the timestamp is part of the block head, its changes allow the miners to traverse with different random values. When the speed of mining hardware reaches 4GH/second, this method becomes more and more difficult, because the value of the random number is used in one second. ASIC mining machines appear and quickly reached the Hash rate of Th/seconds, and in order to find effective blocks, the mining software requires more space to store the NONCE value. It can be extended a little back, but if it moves too far in the future, the block will become invalid. The new "change" of the source of information. The solution is to use coinbase transactions as an additional random value source, because the Coinbase script can store 2-100 bytes of data. Miners began to use this space as the source of additional random value, allowing them to explore a much larger block header Find an effective block in the range. This coinbase transaction is included in the Merkle tree, which means that any changes in any CoinBase script will cause changes in the Merkle root. It 8 additional random numbers, plus the "standard" random number of 4 bytes, allowing miners to try 2^96 per second (after 8 and 28 zero) species without modifying the time stamp Essence If the miners pass through all the possibilities in the future, they can also solve it by modifying the time stamp. Similarly, there are more extra space in the Coinbase script that can prepare for the expansion of random numbers in the future. The consensus mechanism of Bitcoin refers to the difficulty of being deceived or destructive by the miners (or mining pool) to use its own computing power, at least theoretically. As we said earlier, the consensus mechanism of Bitcoin depends on such a premise, that is, the vast majority of miners will maintain the entire Bitcoin system through honesty to maintain the consideration of their own interests. However, when a miner with a large number of computing power in the entire system appears, they can achieve the purpose of destroying the security and reliability of Bitcoin network by attacking the consensus mechanism of Bitcoin. The attention is that consensus attacks can only affect the future consensus of the entire blockchain, or in other words, it can affect the consensus of up to the past few blocks (up to 10 pieces in the past). And over time, the possibility of tampering by the entire Bitcoin blockchain is getting lower and lower. Theoretically, a blockchain fork can become very long, but in fact, if you want to achieve a very long blockchain fork, the computing power requires The chain is gradually growing, and the past blocks can basically be considered to be unable to be tampered with. At the same time, consensus attacks will not affect the user's private key and encryption algorithm (ECDSA). Consors of consensus attacks cannot steal Bitcoin from other wallets, pay Bitcoin, re -assign Bitcoin, change past transactions, or change Bitcoin holding records. The only impact of consensus attacks can affect the nearest block (up to 10) and affect the generation of future blocks by rejecting services. The typical scene of consensus attack is "51%attack". Imagine such a scene, a group of miners controlled the 51 % computing power of the entire Bitcoin network, and they jointly intended to attack the entire Bitcoin system. Because these miners can generate most of the blocks, they can realize "dual support" or use the way of refusing service to prevent specific transactions or attack specific wallet addresses by intentionally manufacturing block chain split. Blockchain split/dual payment attack refers to the attacker by not recognizing a nearest transaction and reconstructing new blocks before this transaction, so as to generate new forks and then achieve dual payment. With the guarantee of sufficient computing power, an attacker can tampered with the latest 6 or more blocks at one time, so that the transactions that these blocks should not have tampered with can disappear. The attention is that dual payment can only be carried out in the transaction that occurs in the wallet owned by the attacker, because only the owner of the wallet can generate a legitimate signature for dual payment transactions. The attacker conducts a double payment attack on their own transactions. If the transaction can be achieved by the invalidation of the transaction, it will not be paid for the irreversible purchase behavior. This attack is favorable. The attacker Mallory bought the Great Fire, which depicts the great Nakamototo in the Carol gallery, and traded by Mallory by the Bitcoin worth 250,000 US dollars. After a confirmation of one instead of six transactions, Carol reassured the group painting and handed it to Mallory. At this time, Paul, a member of Mallory, a person with a large amount of computing power, began a 51%attack when the transaction was written into the blockchain. First of all, Paul uses the computing power of its own mining pool to re -calculate the block containing the transaction, and replace the original transaction in the new block with another transaction (such as directly transferred to another wallet of Mallory. Not carol), thus realizing "dual payment". This "double payment" transaction uses UTXO consistent with the original transaction, but the payee is replaced by Mallory's wallet address. Then Paul uses the mining pool to calculate a updated block on the basis of the fake block. Essence At this point, the height of the higher fork blockchain replaces the original blockchain. Three valuable paintings were taken away by Mallory in vain. In the whole process, other miners in the Paul mining pool may not be aware of what the "double payment" transaction is from beginning to end, because the mining procedures are running automatically and will not monitor each one from time to time. Each transaction in the block. In order to avoid such attacks, merchants selling commodities should be delivered after the transaction gets 6 confirmations on the entire network. Alternatively, the merchant should use a third -party signature account for transactions, and also wait until the transaction account gets multiple confirmations on the entire network before delivering the goods. The more confirmation of a transaction, the more difficult the attacker is tampered with by 51%attack. For the transaction of commodities, even if it is shipped after 24 hours of payment, it is convenient and efficient for buyers and sellers. After 24 hours, the entire network confirmation of the transaction will reach at least 144 (the possibility of effectively reduced the possibility of being attacked by 51%). It attention is that 51%attack is not as saying in its naming. The attacker needs at least 51%of the computing power to initiate. You can still try to launch such attacks. The reason why it is named for 51%is just because when the attacker's computing power reaches 51%, the attack attempts launched will be almost successful. Essentially, consensus attacks are like the computing power of all miners in the system is divided into two groups. One group is an honest computing power, one is an attacker's computing power. The new block on the blockchain is just the attacker's computing power is carefully constructed, including or eliminating some transactions. Therefore, the less computing the attackers have, the less likely to win in this final. In another perspective, the more computing the attacker has, the longer the fork block chain it intentionally created. The more. Some security research organizations use the conclusion that the computing power reaches 30%of the entire network is enough to launch a 51%attack. The rapid growth of the entire network computing has made the Bitcoin system no longer may be attacked by a miner, because a miner can no longer occupy the 1%force of the entire network. to be supplemented to be supplemented
The third step of the Bitcoin consensus mechanism is to check each new block independently through each node in the network. When the new block spreads in the network, each node will perform a series of tests to verify it before each node is forwarded to its node. This ensures that only effective blocks will spread in the network.
Ser independent verification also ensures that the blocks generated by honest miners can be included in the blockchain to get rewards. The blocks generated by the dishonesty of the behavior will be rejected, which will not only lose the reward, but also waste the opportunity to find a solution to the workload, which leads to its loss of electricity bills.
Is when a node receives a new block, it will verify the block against a long standard list. If it is not verified, this block will be rejected. These standards can obtain
of the functions and functions of the core client of Bitcoin.
This is because each node checks the block according to the same rules. A invalid Coinbase transaction will invalidate the entire block, which will cause the block to be rejected, so the transaction will not become part of the general ledger. Miners must build a perfect block, based on all nodes sharing rules, and mining according to the solution of the correct workload certificate. They cost a lot of electric mining to do this. If they cheat, all electricity and efforts will be wasted. This is why independent verification is an important part of decentralized consensus.
The last step of the centralized consensus mechanism of Bitcoin is to gather blocks into the chain with the maximum workload certificate. Once a node verifies a new block, it will try to connect the new block to the existing blockchain and assemble them.
If nodes to maintain three types of blocks: the first is connected to the main chain, and the second is to produce branches from the main chain (spare chain). The last one is not found in the known chain Knowing father's block. During the verification process, once it is found that there is a place that does not meet the standard, the verification will fail, so that the block will be rejected by the node, so it will not be added to any chain.
The main chain is the most difficult blockchain. Under normal circumstances, the main chain is also the chain containing the most blocks, unless there are two equal chains and one of them have more workload proof. There will also be some branches in the main chain. The blocks in these branches and the blocks on the main chain are "brothers" blocks. These blocks are effective, but not part of the main chain. The purpose of retaining these branches is that if one of them is extended at some point in the future and exceeds the main chain on the difficulty value, the subsequent blocks will be referenced.
If the node receives an effective block, but not found its father's block in the existing blockchain, then this block is considered a "lone block". The lonely blocks will be stored in the lone pond until their father's block is received by nodes. Once you receive the parent block and connect it to the existing blockchain, the node will take out the lone block from the lone block and connect it to its parent block, so that it will be used as part of the blockchain. When the two blocks are dug out in a short time interval, the nodes may receive them in the opposite order, and the lone block will appear at this time.
After selecting the maximum difficult blockchain, all nodes finally reached consensus on the entire network. As more workload proves to be added to the chain, the temporary differences of the chain will eventually be resolved. The mining node selects the blockchain they want to extend through "voting". When they dig out a new block and extend a chain, the new block itself represents their voting.
Because the blockchain is a decentralized data structure, it cannot always be consistent between different copies. Blocks may reach different nodes at different times, causing the nodes to have different blockchain.
The solution is that each node always chooses and tries to extend the blockchain that has accumulated the maximum workload, which is the longest or maximum cumulative chain. Through the workload of each block on the accumulated chain, the total amount of workload to establish this chain to establish this chain is obtained. As long as all nodes choose the longest and accumulated blockchain, the entire Bitcoin network will eventually converge to a consistent state. The split is the temporary difference between different blockchains. When more blocks are added to a bifurcation, this problem will be solved.
This reminder that the blockchain fork described in this section will occur automatically due to the delay of transmission in the global network.
, the block of the inverted triangle will not be discarded. It is linked to the father's block of the star chain and forms a spare chain. Although the node X believes that it has selected the winning chain correctly, it will also save the "loss" chain, so that if the "loss" chain may eventually "win", it also has the required information for re -packaging.
This is a re -consensus of a chain, because these nodes are forced to modify their position on the blockchain and incorporate themselves into a longer chain. Any miner who is engaged in an extension-inverted triangle will now stop the job because their candidates are "orphan" because their parents "inverted triangle" are no longer the longest chain.
The transaction in the "inverted triangle" is re -inserted into the memory pool to include in the next block, because the block they are no longer in the main chain.
The entire network returned to a single chain state, star-triangular-diamond-shaped, "diamond" became the last block in the chain. All miners immediately started to study the candidate block of the "diamond shape" as the parent block to expand this star-triangular-diamond-shaped chain.
Theoretically, the fork of the two blocks is possible. This situation occurs in the miners who are opposed to each other due to the previous fork, and almost discover the solution of two different blocks at the same time.
However, the chance of this situation is very low. Single block splitting occurs every week, while double blocks are very rare. The Bitcoin interval is designed to 10 minutes, which is a compromise made between faster trading confirmation and lower bull probability. The shorter block of blocks will make the transaction liquidation faster and also lead to a more frequent blockchain fork. In contrast, the longer interval will reduce the number of bits, but it will lead to a longer liquidation time.
Since 2012, Bitcoin mining has developed a solution to solve the basic structural restrictions of the block head. In the early days of Bitcoin, miners can dig out a block by having a haSh that meets the requirements by traversing.
After the difficulty increased, the miners often did not produce after trying 4 billion yuan. However, this is easy to solve by reading the timestamp of the block and calculating the time. Because the timestamp is part of the block head, its changes allow the miners to traverse with different random values. When the speed of mining hardware reaches 4GH/second, this method becomes more and more difficult, because the value of the random number is used in one second.
ASIC mining machines appear and quickly reached the Hash rate of Th/seconds, and in order to find effective blocks, the mining software requires more space to store the NONCE value. It can be extended a little back, but if it moves too far in the future, the block will become invalid.
The new "change" of the source of information. The solution is to use coinbase transactions as an additional random value source, because the Coinbase script can store 2-100 bytes of data. Miners began to use this space as the source of additional random value, allowing them to explore a much larger block header Find an effective block in the range. This coinbase transaction is included in the Merkle tree, which means that any changes in any CoinBase script will cause changes in the Merkle root.
It 8 additional random numbers, plus the "standard" random number of 4 bytes, allowing miners to try 2^96 per second (after 8 and 28 zero) species without modifying the time stamp Essence If the miners pass through all the possibilities in the future, they can also solve it by modifying the time stamp. Similarly, there are more extra space in the Coinbase script that can prepare for the expansion of random numbers in the future.
The consensus mechanism of Bitcoin refers to the difficulty of being deceived or destructive by the miners (or mining pool) to use its own computing power, at least theoretically. As we said earlier, the consensus mechanism of Bitcoin depends on such a premise, that is, the vast majority of miners will maintain the entire Bitcoin system through honesty to maintain the consideration of their own interests. However, when a miner with a large number of computing power in the entire system appears, they can achieve the purpose of destroying the security and reliability of Bitcoin network by attacking the consensus mechanism of Bitcoin.
The attention is that consensus attacks can only affect the future consensus of the entire blockchain, or in other words, it can affect the consensus of up to the past few blocks (up to 10 pieces in the past). And over time, the possibility of tampering by the entire Bitcoin blockchain is getting lower and lower.
Theoretically, a blockchain fork can become very long, but in fact, if you want to achieve a very long blockchain fork, the computing power requires The chain is gradually growing, and the past blocks can basically be considered to be unable to be tampered with.
At the same time, consensus attacks will not affect the user's private key and encryption algorithm (ECDSA).
Consors of consensus attacks cannot steal Bitcoin from other wallets, pay Bitcoin, re -assign Bitcoin, change past transactions, or change Bitcoin holding records. The only impact of consensus attacks can affect the nearest block (up to 10) and affect the generation of future blocks by rejecting services.
The typical scene of consensus attack is "51%attack". Imagine such a scene, a group of miners controlled the 51 % computing power of the entire Bitcoin network, and they jointly intended to attack the entire Bitcoin system. Because these miners can generate most of the blocks, they can realize "dual support" or use the way of refusing service to prevent specific transactions or attack specific wallet addresses by intentionally manufacturing block chain split.
Blockchain split/dual payment attack refers to the attacker by not recognizing a nearest transaction and reconstructing new blocks before this transaction, so as to generate new forks and then achieve dual payment. With the guarantee of sufficient computing power, an attacker can tampered with the latest 6 or more blocks at one time, so that the transactions that these blocks should not have tampered with can disappear.
The attention is that dual payment can only be carried out in the transaction that occurs in the wallet owned by the attacker, because only the owner of the wallet can generate a legitimate signature for dual payment transactions. The attacker conducts a double payment attack on their own transactions. If the transaction can be achieved by the invalidation of the transaction, it will not be paid for the irreversible purchase behavior. This attack is favorable.
The attacker Mallory bought the Great Fire, which depicts the great Nakamototo in the Carol gallery, and traded by Mallory by the Bitcoin worth 250,000 US dollars. After a confirmation of one instead of six transactions, Carol reassured the group painting and handed it to Mallory. At this time, Paul, a member of Mallory, a person with a large amount of computing power, began a 51%attack when the transaction was written into the blockchain.
First of all, Paul uses the computing power of its own mining pool to re -calculate the block containing the transaction, and replace the original transaction in the new block with another transaction (such as directly transferred to another wallet of Mallory. Not carol), thus realizing "dual payment". This "double payment" transaction uses UTXO consistent with the original transaction, but the payee is replaced by Mallory's wallet address.
Then Paul uses the mining pool to calculate a updated block on the basis of the fake block. Essence At this point, the height of the higher fork blockchain replaces the original blockchain. Three valuable paintings were taken away by Mallory in vain.
In the whole process, other miners in the Paul mining pool may not be aware of what the "double payment" transaction is from beginning to end, because the mining procedures are running automatically and will not monitor each one from time to time. Each transaction in the block.
In order to avoid such attacks, merchants selling commodities should be delivered after the transaction gets 6 confirmations on the entire network. Alternatively, the merchant should use a third -party signature account for transactions, and also wait until the transaction account gets multiple confirmations on the entire network before delivering the goods. The more confirmation of a transaction, the more difficult the attacker is tampered with by 51%attack.
For the transaction of commodities, even if it is shipped after 24 hours of payment, it is convenient and efficient for buyers and sellers. After 24 hours, the entire network confirmation of the transaction will reach at least 144 (the possibility of effectively reduced the possibility of being attacked by 51%).
It attention is that 51%attack is not as saying in its naming. The attacker needs at least 51%of the computing power to initiate. You can still try to launch such attacks. The reason why it is named for 51%is just because when the attacker's computing power reaches 51%, the attack attempts launched will be almost successful.
Essentially, consensus attacks are like the computing power of all miners in the system is divided into two groups. One group is an honest computing power, one is an attacker's computing power. The new block on the blockchain is just the attacker's computing power is carefully constructed, including or eliminating some transactions. Therefore, the less computing the attackers have, the less likely to win in this final.
In another perspective, the more computing the attacker has, the longer the fork block chain it intentionally created. The more. Some security research organizations use the conclusion that the computing power reaches 30%of the entire network is enough to launch a 51%attack. The rapid growth of the entire network computing has made the Bitcoin system no longer may be attacked by a miner, because a miner can no longer occupy the 1%force of the entire network.
to be supplemented
to be supplemented