Because cryptocurrencies are decentralized, living within the blockchain and on smart contracts, they require automated ways to reach consensus. That consensus is the agreement across the blockchain on the public ledger––everyone agreeing what transactions took place, all without the need for a centralized third party.

But to reach that consensus, there’s a need for a consensus mechanism, a way for blockchain projects to secure themselves against bad actors. The two most popular and well-known consensus mechanisms are “Proof Of Work” (famously used for Bitcoin) and “Proof of Stake” (which Ethereum will transition into). Each is used to confirm transactions independently, and each comes with their own benefits and complications. More specifically, these algorithms determine which node (or computer) in their network can add the next block of transactions to the chain.

Because blockchains are immutable and decentralized, ensuring accuracy, transparency at this core level is critical. So let’s dive into these two methods of blockchain validation – Proof of Work (PoW) and Proof of Stake (PoS) and discuss what each one means from a security-minded perspective.

What Is Proof of Work?

Chances are you’re already familiar with Proof of Work (or PoS): it’s the same concept that has CAPTCHAs set up to prove you’re human. Requiring a bit of work helps ensure that spam is kept to a minimum on networks.

Proof of Work precedes cryptocurrencies––it was actually first created in 1993 to prevent automated spam on an email network. Instead of allowing seamless access, Proof of Work requires some work on the user, forcing out low-effort spammers from accessing the server. 

That required work parallels the “mining” required to unearth precious metals, and Proof of Work is the origin of “Bitcoin mining” as a phrase and concept.

In Proof of Work, a “valid” block is one that meets certain requirements, namely that the hash of its header is below a certain threshold.  Proof of Work miners try multiple different candidate blocks, searching for one that meets these criteria.

When a miner finds a valid block, they broadcast it to the rest of the blockchain network.  Each node in the network then checks that it meets the requirements and validates the transactions that it contains before adding the block to its copy of the digital ledger.

Proof of Work incentivizes miners to search for blocks via block rewards and transaction fees.  Block rewards are a fixed reward paid when a block is created, and transaction fees are paid by users to have their transactions processed and included in the blockchain.

Is Proof of Work Safe?

Proof of Work operates across multiple axes to ensure security and consensus across the blockchain.

First, and most critically, the Work part of Proof of Work is prohibitively expensive. This tremendous cost of energy both prevents low-effort spammers from trying to add invalid transactions to the blockchain, but also forces them to risk their own “work” (and energy) in creating the fake block. If the block doesn’t meet validity requirements (header hash and valid transactions), it will be rejected––costing the would-be bad actor tens of thousands of dollars in wasted energy, as they would not be rewarded for their efforts.

A legitimate node will never accept a version of the blockchain with invalid or double-spent transactions.  However, an attacker could replace one version of a transaction with another by replacing the version of the blockchain that it contains.  Accomplishing this requires the attacker to perform a 51% attack, which requires them to control the majority of the network’s hashpower.  With this hashpower, the attacker can create a longer version of the blockchain than the valid chain, enabling them to replace it under the longest chain rule.

Fortunately, the odds of a 51% attack on a meaningful blockchain such as Bitcoin are very low.  The cost of a one-hour attack on Bitcoin is over $1 million.  As a result, the attack would likely cost an attacker more money than they would make from performing it.

Proof of Work Disadvantages

The largest downside to Proof of Work is the work required to meet the requirements. Bitcoin miners use tremendous amounts of energy to mint each new block within the blockchain. As a result, Proof of Work chains (like Bitcoin) burn tremendous amounts of energy that critics believe could better be used elsewhere.

Currently, Bitcoin consumes more power than small nations, such as Norway and Ukraine.  However, defenders may correctly point out that the majority of Bitcoin energy comes from renewable energy or “trapped” energy that would otherwise go to waste, such as excess energy produced by hydroelectric dams in China during the wet season, when the supply of energy outstrips demand.

What Is Proof of Stake?

Proof of Stake (or PoS)  is less of a democratic free-for-all than Proof of Work; in Proof of Stake, validators are chosen based on how many tokens they hold, based on the premise that by “staking” themselves to the value of the token they have a vested interest in keeping the network trustworthy. 

As a result, Proof of Stake transactions are less demanding in terms of energy and are also significantly faster in transaction speeds. That means quicker, more efficient validation of the continuing blockchain without the exorbitant energy costs associated with Proof of Work models.

Participating as a validator in a Proof of Stake blockchain is also far easier than participating as a miner in a Proof of Work blockchain. Without the expensive hardware and energy consumption Proof of Work blockchains require, Proof of Stake blockchains are more democratic, allowing anyone with the coin and access to a simple computer the ability to participate in consensus.

Is Proof of Stake Safe?

Proof of Stake is safe because those who stake on the network to validate the transactions risk their entire stake. If they’re involved in malicious transactions, not only would they ruin the reputation of the project in which they are already heavily involved, but they would lose everything they held within that stake as well.

Furthermore, staking your coins requires freezing them––in other words, agreeing not to sell them––and taking a long-term investment in a project. Given that rapid price shifts can be affected by large investors (or whales), staking coins provides a different type of safety as well. At least in theory, Proof of Stake models can help prevent rapid sales and tanking of projects. 

Finally, there is an additional vector of safety within Proof of Stake: while the blockchain world values decentralization, the outer world still has the potential to weigh in. Recently, we saw an attempt by the European Union to ban Proof of Work projects in favor of the more energy-efficient Proof of Stake method. While the measure failed, the pushback against Proof of Work models from world governments is worth considering, especially given global concerns over energy.

Conclusion

While Proof of Work represents the most traditional method for protecting blockchain projects, Ethereum’s shift to Proof of Stake will be an incredible opportunity to put that method to a larger test. Whatever consensus mechanism your project uses, be sure to follow best practices and secure your project by working with a blockchain security firm like Halborn. Get in touch at halborn@protonmail.com to speak to one of our blockchain security experts today. 

Rob Behnke
05.10.2022