工作证明同样也解决了‘’少数服从多数‘’决策过程当中的表决难题。如果决策系统中的多数是基于“一个IP地址一票”的机制计算出来的,那么这种机制作出的决定很容易就被能够占据更多IP地址的任何人所否决和颠覆。工作证明本质上是基于“一个CPU一票”的。最长的链就代表着最大多数投票者的决定,也就代表了那些为该链条产生做出更多贡献的人。如果CPU算力的大多数是掌握在诚实守信的节点手中,那么这条链就会长得最快,比其他竞争链更快。为了更改已经生成的某一个区块,攻击者需要重新生成这个以及在这个区块之后所产生的所有区块的工作证明,然后再赶上并超过诚实节点的工作链。稍后我们将证明后来攻击者想要超过诚信节点链的可能性随着后续区块的数量的增加会指数级的减少。
为了平衡硬件速度提升以及后续运行节点之间的利益分配,工作证明的难度由锚定每小时产生的区块量的动态平均值所决定。如果区块产生速度提升,那么工作证明难度则加大。
5.网络
网络运行的步骤如下:
1.每次交易都向全网所有节点广播;
2.所有节点都将该交易信息收集进一个区块;
3.每个节点都致力于先为自己产生的区块找一个有难度的工作证明;
4.当某一节点找到工作证明之后,则将自己产生的区块向全网节点广播;
5.其余节点只有在该区块当中的所有交易信息都是真实有效的,并且之前没有被“花”过才会承认该区块;
6.其余节点通过在此区块之后产生新的区块来作为承认该区块的方式,并将该区块的哈希值作为自己即将产生的下一个区块的之前的哈希。
所有节点都将最长的链视为唯一正确的一条链并将致力于扩展它的长度。如果有两个节点对外同时广播的区块内容不一致,那么其他节点收到这两个区块就会有先后顺序。这种情况下节点会在最先接受的区块上开展工作,同时还要暂存另外一个稍晚接收到的区块,以防它成为更长的链。一旦下一个工作证明完成而使得其中一个链变得更长,那么同时广播出来的两个区块之间的胜负就见了分晓,在“失败”区块上工作的节点会转而向“成功”区块所在的链上工作。
新的交易广播并不一定要到达全部节点。只要到达数量足够多的节点,它们很快就会被融入新的区块。区块对外广播也允许“漏收”。如果一个节点没有收到某一个区块,它将会在收到下一个区块时会“得知”缺失了某一区块,并发出补全该缺失区块的申请。
The proof-of-work also solves the problem of determining representation in majority decision making. If the majority were based on one-IP-address-one-vote, it could be subverted by anyone able to allocate many IPs. Proof-of-work is essentially one-CPU-one-vote. The majority decision is represented by the longest chain, which has the greatest proof-of-work effort invested in it. If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains. To modify a past block, an attacker would have to redo the proof-of-work of the block and all blocks after it and then catch up with and surpass the work of the honest nodes. We will show later that the probability of a slower attacker catching up diminishes exponentially as subsequent blocks are added.
To compensate for increasing hardware speed and varying interest in running nodes over time, the proof-of-work difficulty is determined by a moving average targeting an average number of blocks per hour. If they're generated too fast, the difficulty increases.
5. Network
The steps to run the network are as follows:
1) New transactions are broadcast to all nodes.
2) Each node collects new transactions into a block.
3) Each node works on finding a difficult proof-of-work for its block.
4) When a node finds a proof-of-work, it broadcasts the block to all nodes.
5) Nodes accept the block only if all transactions in it are valid and not already spent.
6) Nodes express their acceptance of the block by working on creating the next block in the
chain, using the hash of the accepted block as the previous hash.
Nodes always consider the longest chain to be the correct one and will keep working on extending it. If two nodes broadcast different versions of the next block simultaneously, some nodes may receive one or the other first. In that case, they work on the first one they received, but save the other branch in case it becomes longer. The tie will be broken when the next proof-of-work is found and one branch becomes longer; the nodes that were working on the other branch will then switch to the longer one.
New transaction broadcasts do not necessarily need to reach all nodes. As long as they reach many nodes, they will get into a block before long. Block broadcasts are also tolerant of dropped messages. If a node does not receive a block, it will request it when it receives the next block and realizes it missed one.