Introduction to

Blockchain
CSEg5304
CHAPTER FOUR
ADAMA SCIENC E AND TECHNOLOGY UNIVER SIT Y
COEEC – CSE DEPART M E NT
Outline
CONSENSUS MECHANISMS
 Distributed Consensus
 Consensus Mechanisms and Algorithms
 Proof of Work and Proof of Stake
 Other Consensus Algorithms
 The Byzantine Generals Problem and CAP Theorem
 Mining, Mining Systems, Mining Pools
 Consensus Attacks
 Layer 2 Solutions & Sharding
Consensus
 Consensus is the backbone of a blockchain and, as a result, it provides decentralization of control
through an optional process known as Mining.
 The choice of the consensus algorithm is also governed by the type of blockchain in use; that is,
not all consensus mechanisms are suitable for all types of blockchains.
For example, in public permissionless blockchains, it would make sense to use PoW. Therefore, it
is essential to choose an appropriate consensus algorithm for a particular blockchain project.
 Consensus is a process of agreement between distrusting nodes on the final state of data.
To achieve consensus, different algorithms are used. It is easy to reach an agreement between
two nodes (in client-server systems, for example), but when multiple nodes are participating in a
distributed system and they need to agree on a single value, it becomes quite a challenge to
achieve consensus.
This process of attaining agreement common state or value among multiple nodes despite the
failure of some nodes is known as Distributed Consensus.
 Consensus Mechanism
 A Consensus Mechanism is a set of steps that are taken by most or all nodes in a blockchain to agree on a
proposed state or value. Consensus mechanisms have most recently come into the limelight and gained
considerable popularity with the advent of blockchain and Bitcoin.
 There are various requirements that must be met to provide the desired results in a consensus
mechanism. The following describes these requirements:
 Agreement: All honest nodes decide on the same value
 Termination: All honest nodes terminate execution of the consensus process and eventually reach a
decision
 Validity: The value agreed upon by all honest nodes must be the same as the initial value proposed by
at least one honest node
 Fault tolerant: The consensus algorithm should be able to run in the presence of faulty or malicious
nodes (Byzantine nodes)
 Integrity: This is a requirement that no node can make the decision more than once in a single
consensus cycle

4
Types of Consensus Mechanisms
 All consensus mechanisms are developed to deal with faults in a distributed system and to allow
distributed systems to reach a final state of agreement.
There are two general categories of consensus mechanisms. These categories deal with all types of
faults (fail stop type or arbitrary).
These common types of consensus mechanisms are as follows:
 Traditional Byzantine Fault Tolerance (BFT)-based: With no compute-intensive operations, such
as partial hash inversion (as in Bitcoin PoW), this method relies on a simple scheme of nodes that
are publisher-signed messages. Eventually, when a certain number of messages are received, then
an agreement is reached. This class of consensus is also known as the consortium or permissioned
type of consensus mechanism.
Leader election-based (Proof-based, lottery-based, or the Nakamoto consensus): This
arrangement requires nodes to compete in a leader election lottery, and the node that wins
proposes a final value. For example, the PoW used in Bitcoin falls into this category. This category
is also referred to as the fully decentralized or permissionless type of consensus mechanism.

5
Consensus in Blockchain
 Consensus is a distributed computing concept that has been used in blockchain in order to
provide a means of agreeing to a single version of the truth by all peers on the blockchain
network.
 BFT-based consensus mechanisms perform well when there are a limited number of nodes,
but they do not scale well.
 On the other hand, leader-election lottery based (PoW) type consensus mechanisms scale very
well but perform very slowly.
 As there is significant research being conducted in this area, new types of consensus
mechanism are also emerging, such as the semi-decentralized type, which is used in the Ripple
network.
 There are also various other proposals out there, which are trying to find the right balance
between scalability and performance. Some notable projects include PBFT, Hybrid BFT,
BlockDAG, Tezos, and Stellar.

6
Consensus Algorithms
The consensus algorithms available today, or that are being researched in the context of
blockchain, are presented here.
 Proof of Work (PoW): This type of consensus mechanism relies on proof that
adequate computational resources have been spent before proposing a value for
acceptance by the network. This scheme is used in Bitcoin, Litecoin, and other
cryptocurrency blockchains. Currently, it is the only algorithm that has proven to be
astonishingly successful against any collusion attacks on a blockchain network, such as
the Sybil attack.
 Proof of Stake (PoS): This algorithm works on the idea that a node or user has an
adequate stake in the system; that is, the user has invested enough in the system so that
any malicious attempt by that user would outweigh the benefits of performing such an
attack on the network. It is used by Ethereum and other blockchain. Another important
concept in PoS is Coin Age, which is a criterion derived from the amount of time and
number of coins that have not been spent. In this model, the chances of proposing and
signing the next block increase with the coin age.

7
Other Consensus Algorithms
 Delegated Proof of Stake (DPoS): This is an innovation over standard PoS, whereby each node that
has a stake in the system can delegate the validation of a transaction to other nodes by voting. It is
used in the BitShares blockchain.
 Proof of Elapsed Time (PoET): Introduced by Intel in 2016, PoET uses a Trusted Execution
Environment (TEE) to provide randomness and safety in the leader election process via a guaranteed
wait time.
 Proof of Deposit (PoD): In this case, nodes that wish to participate in the network have to make a
security deposit before they can mine and propose blocks. This mechanism is used in the Tendermint
blockchain.
Proof of Importance (PoI): This idea is significant and different from PoS. PoI not only relies on how
large a stake a user has in the system, but it also monitors the usage and movement of tokens by the
user in order to establish a level of trust and importance. It is used in the NEM coin blockchain.
 Federated consensus or Federated Byzantine consensus: This mechanism is used in the Stellar
consensus protocol. Nodes in this protocol retain a group of publicly-trusted peers and propagate only
those transactions that have been validated by the majority of trusted nodes.

8
 Other Consensus Algorithms
 Reputation-based mechanisms: As the name suggests, a leader is elected by the reputation it has
built over time on the network. It is based on the votes of other members.
 PBFT: This mechanism achieves state machine replication, which provides tolerance against
Byzantine nodes.
 Proof of Activity (PoA): This scheme is a combination of PoS and PoW, which ensures that a
stakeholder is selected in a pseudorandom but uniform fashion. This is a comparatively more energy-
efficient mechanism as compared to PoW. It utilizes a new concept called Follow the Satoshi. In this
scheme, PoW and PoS are combined together to achieve consensus and good level of security.
 Proof of Capacity (PoC): This scheme uses hard disk space as a resource to mine the blocks. This is
different from PoW, where CPU resources are used. In in PoC, hard disk space is utilized for mining
and as such is also known as hard drive mining.
Proof of Storage (PoS): This scheme allows for the outsourcing of storage capacity. This scheme is
based on the concept that a particular piece of data is probably stored by a node which serves as a
means to participate in the consensus mechanism.
9
 The Byzantine Generals problem
A node can be defined as an individual player in a distributed system. All nodes are capable of sending and receiving
messages to and from each other. Nodes can be honest, faulty, or malicious, and they have memory and a processor.
A node that exhibits irrational behavior is also known as a Byzantine node after the Byzantine Generals Problem.
In 1982, a thought experiment was proposed by Lamport and others in their research paper, The Byzantine Generals
Problem - whereby a group of army generals who lead different parts of the Byzantine army are planning to attack or
retreat from a city.
The only way of communicating among them is via a messenger. They need to agree to strike at the same time in
order to win. The issue is that one or more generals might be traitors who could send a misleading message.
Therefore, there is a need for a viable mechanism that allows for agreement among the generals, even in the presence
of the treacherous ones, so that the attack can still take place at the same time.
As an analogy to distributed systems, the generals can be considered nodes, the traitors as Byzantine (malicious)
nodes, and the messenger can be thought of as a channel of communication among the generals.
 This problem was solved in 1999 by Castro and Liskov who presented the Practical Byzantine Fault Tolerance (PBFT)
algorithm, where consensus is reached after a certain number of messages are received containing the same signed
content.
This type of inconsistent behavior of Byzantine nodes can be
intentionally malicious, which is detrimental to the operation of the
network. Any unexpected behavior by a node on the network, whether
malicious or not, can be categorized as Byzantine.
A small-scale example of a distributed system is shown in the following
diagram. This distributed system has six nodes out of which one (N4) is a
Byzantine node leading to possible data inconsistency. L2 is a link that is
broken or slow, and this can lead to partition in the network.
The primary challenge in distributed system design is coordination
between nodes and fault tolerance. Even if some of the nodes become
faulty or network links break, the distributed system should be able to
tolerate this and continue to work to achieve the desired result.
This problem has been an active area of distributed system design
research for many years, and several algorithms and mechanisms have
been proposed to overcome these issues. Distributed systems are so
challenging to design that a hypothesis known as the CAP theorem has
been proven
 CAP Theorem
CAP theorem, also known as Brewer's theorem, was introduced by Eric Brewer in 1998 as
conjecture. The theory states that any distributed system cannot have consistency, availability, and
partition tolerance simultaneously:
 Consistency is a property which ensures that all nodes in a distributed system have a single,
current, and identical copy of the data.
 Availability means that the nodes in the system are up, accessible for use, and are accepting
incoming requests and responding with data without any failures as and when required. In
other words, data is available at each node and the nodes are responding to requests.
 Partition Tolerance ensures that if a group of nodes is unable to communicate with other nodes
due to network failures, the distributed system continues to operate correctly. This can occur
due to network and node failures.
It has been proven that a distributed system cannot have consistency, availability, and partition
tolerance simultaneously. This is strange because somehow blockchain manages to achieve all of
these properties—or does it?

12
State Machine Replication
To achieve fault tolerance, replication is used. This is a standard and widely-used method to
achieve fault tolerance.
 Consistency is achieved using consensus algorithms in order to ensure that all nodes have the
same copy of the data. This is also called state machine replication. The blockchain is a means
for achieving State Machine Replication.
In general, there are two types of faults that a node can experience. Both of these types fall
under the broader category of faults that can occur in a distributed system:
 Fail-stop fault: This type of fault occurs when a node merely has crashed. Fail stop faults are the easier
ones to deal with of the two fault types.
 Byzantine faults: The second type of fault is one where the faulty node exhibits malicious or
inconsistent behavior arbitrarily. This type is difficult to handle since it can create confusion due to
misleading information. This can be a result of an attack by adversaries, a software bug, or data
corruption. State machine replication protocols such as PBFT was developed to address this second type
of faults.
Blockchain and CAP Theorem
It seems that the CAP theorem is violated in the blockchain, especially in its most successful
implementation, Bitcoin. However, this is not the case.
In blockchains, consistency is sacrificed in favor of availability and partition tolerance.
In this scenario, Consistency (C) on the blockchain is not achieved simultaneously with
Partition tolerance (P) and Availability (A), but it is achieved over time.
This is called Eventual Consistency, where consistency is achieved as a result of validation from
multiple nodes over time. The concept of mining was introduced in Bitcoin for this purpose.
Mining is a process that facilitates the achievement of consensus by using the PoW consensus
algorithm. At a higher level, mining can be defined as a process that is used to add more blocks
to the blockchain.
Mining
 Mining is a process by which new blocks are added to the blockchain. Blocks contain
transactions that are validated via the mining process by mining nodes on the Bitcoin network.
 This process is resource-intensive due to the requirements of PoW where miners compete in
order to find a number which is less than the difficulty target of the network.
 This difficulty in finding the correct value (also called sometimes the mathematical puzzle) is
there to ensure that the required resources have been spent by miners before a new proposed
block can be accepted.
 New coins are minted by the miners by solving the PoW problem, also known as partial hash
inversion problem.
This process consumes a high amount of resources including computing power and electricity.
This process also secures the system against frauds and double spending attacks while adding
more virtual currency to the Bitcoin ecosystem.

15
 Bitcoin Mining
 Roughly one new block is created (mined) every 10 minutes to control the frequency of generation of
bitcoins. This frequency needs to be maintained by the Bitcoin network and is encoded in the bitcoin core
clients in order to control the money supply.
 Miners are rewarded with new coins if and when they discover new blocks by solving PoW. Miners are paid
transaction fees in return for including transactions in their proposed blocks. New blocks are created at an
approximate fixed rate of every 10 minutes.
 The rate of creation of new bitcoins decreases by 50%, every 210,000 blocks, roughly every 4 years which is
known as Halving.
 Approximately 144 blocks, that is, 1,728 bitcoins are generated per day. The number of actual coins can
vary per day; however, the number of blocks remains at 144 per day.
 Bitcoin supply is also limited and in 2140, almost 21 million bitcoins will be finally created and no new
bitcoins can be created after that. Bitcoin miners, however, will still be able to profit from the ecosystem by
charging transaction fees.
 BTC Halving and
Supply
The maximum number of coins mined is the
upper limit of possible mining rewards for
bitcoin.
The finite and diminishing issuance creates
a fixed monetary supply that resists
inflation. Unlike a fiat currency, which can
be printed in infinite numbers by a central
bank, bitcoin can never be inflated by
printing.
The rewards for mining bitcoin are cut in
half every four years.2 When first mined in
2009, one block would earn you 50 BTC. In
2012, this was halved to 25 BTC. By 2016,
this was halved again to 12.5 BTC. On May
11, 2020, the reward was halved again to
6.25 BTC. The reward has halved again in
April 2024 to 3.125 BTC.
This mechanism is hardcoded in Bitcoin to
regulate, control inflation and limit the
supply of bitcoins.

17
Mining the Block
 When a candidate block has been constructed by a node, it is time for the hardware mining rig
to “mine” the block, to find a solution to the Proof-of-Work algorithm that makes the block
valid.
 The hash function SHA256 is the function used in bitcoin’s mining process.
 You can take Mining as the process of hashing the block header repeatedly, changing one
parameter, until the resulting hash matches a specific target.
 The hash function’s result cannot be determined in advance, nor can a pattern be created that
will produce a specific hash value.
This feature of hash functions means that the only way to produce a hash result matching a
specific target is to try again and again, randomly modifying the input until the desired hash
result appears by chance.

18
 Tasks of the Miners
Once a node connects to the bitcoin network, there are several tasks that a bitcoin miner performs:
1. Synching up with the network: Once a new node joins the bitcoin network, it downloads the blockchain by
requesting historical blocks from other nodes.
2. Transaction validation: Transactions broadcasted on the network are validated by full nodes by verifying and
validating signatures and outputs.
3. Block validation: Miners and full nodes can start validating blocks received by them by evaluating them against
certain rules. This includes the verification of each transaction in the block along with verification of the nonce
value.
4. Create a new block: Miners propose a new block by combining transactions broadcasted on the network after
validating them.
5. Perform Proof of Work: This task is the core of the mining process and this is where miners find a valid block by
solving a computational puzzle. The block header contains a 32-bit nonce field and miners are required to
repeatedly vary the nonce until the resultant hash is less than a predetermined target.
6. Fetch reward: Once a node solves the hash puzzle (PoW), it immediately broadcasts the results, and other nodes
verify it and accept the block.

19
Full Nodes vs Mining Nodes
Full Nodes Mining Nodes
•Maintain a complete copy of the blockchain •Perform the computationally intensive task of
ledger. mining blocks.
•Validate and relay transactions and blocks to other •Compete to solve cryptographic puzzles and add
nodes. new blocks to the blockchain.
•Participate in the consensus process by verifying •Receive block rewards and transaction fees for
transactions and blocks. successfully mining blocks.
•Enhance network decentralization and resilience •Contribute to network security and maintain the
by distributing the ledger. integrity of the blockchain ledger.
•Generally, require less computational power (PC •Demand specialized hardware known as ASICs or
or Raspberry Pi). compared to mining nodes. GPUs for efficient mining operations.
•Primarily focus on storage and network bandwidth •Mining nodes consume more electricity due to
for maintaining a copy of the blockchain and intensive computational requirements, leading to
relaying transactions. higher operational costs.

20
Proof of Work (PoW)
 This is a proof that enough computational resources have been spent in order to build a valid block.
 PoW is based on the idea that a random node is selected every time to create a new block. In this
model, nodes compete with each other in order to be selected in proportion to their computing capacity.
The following equation sums up the PoW requirement in bitcoin:
H ( N || P_hash || Tx || Tx || . . . Tx) < Target
Where N is a nonce, P_hash is a hash of the previous block, Tx represents transactions in the block, and
Target is the target network difficulty value.
This means that the hash of the previously mentioned concatenated fields should be less than the target
hash value.
The only way to find this nonce is the brute force method. Once a certain pattern of a certain number of
zeroes is met by a miner, the block is immediately broadcasted and accepted by other miners.

21
The Mining Algorithm
The mining algorithm consists of the following steps.
1. The previous block's header is retrieved from the bitcoin network.
2. Assemble a set of transactions broadcasted on the network into a block
to be proposed.
3. Compute the double hash of the previous block's header combined
with a nonce and the newly proposed block using the SHA-256 algorithm.
4. Check if the resultant hash is lower than the current difficulty level
(target) then PoW is solved. As a result of successful PoW the discovered
block is broadcasted to the network and miners fetch the reward.
5. If the resultant hash is not less than the current difficulty level (target),
then repeat the process after incrementing the nonce.
Target, Difficulty & Hash rate
 Difficulty indicates how difficult it is to find a hash which is lower than the network difficulty target. All
successfully mined blocks must contain a hash that is less than this target number. This number is
updated every 2 weeks or 2016 blocks to ensure that on average 10-minute block generation time is
maintained.
The Target is a constantly changing number that must always be higher than a valid block hash. The
Difficulty is the average number of attempts required to discover a valid block hash. The network hash
rate refers to how many times per second the miners in the network collectively attempt to generate a
valid block hash.
The Proof-of-Work must produce a hash that is less than the Target. A higher target means it is less
difficult to find a hash that is below the target. A lower target means it is more difficult to find a hash
below the target. The target and difficulty are inversely related.
The Hashing Rate basically represents the rate of calculating hashes per second. In other words, this is
the speed at which miners in the Bitcoin network are calculating hashes to find a block. In early days of
bitcoin, it used to be quite small as CPUs were used. However, with dedicated mining pools and ASICs
now, this has gone up exponentially in the last few years. This has resulted in increased difficulty of the
Bitcoin network.

23
 Difficulty Adjustment
The idea behind difficulty regulation in bitcoin is that a generation of 2016 blocks should take roughly around
two weeks (inter-block time should be around 10 minutes).
If it takes longer than two weeks to mine 2016 blocks, then the difficulty is decreased, and if it takes less than
two weeks to mine 2016 blocks, then the difficulty is increased.
When ASICs were introduced due to a high block generation rate, the difficulty increased exponentially, and
that is one drawback of PoW algorithms that are not ASIC resistant. This leads to mining power centralization.
This also poses another problem; if a new coin starts now with the same PoW based on SHA-256 as bitcoin
uses, then it would be easy for a malicious user to just simply use an ASIC miner and control the entire
network.
Also, multipools pose a more significant threat where a group of miners can automatically switch to the
currency that is becoming profitable. This phenomenon is known as pool hopping.
Pool hopping impacts the network adversely because pool hoppers join the network only when the difficulty
is low and they can gain quick rewards; the moment difficulty goes up (or is readjusted) they hop off and then
come back again when the difficulty is adjusted back.
24
 Mining Systems
Over time, bitcoin miners have used various methods to mine bitcoins. As the core principle behind
mining is based on the double SHA-256 algorithm, overtime experts have developed sophisticated
systems to calculate the hash faster and faster.
The following is a review of the different types of mining methods used in bitcoin and how they evolved
with time.
1. CPU mining - was the first type of mining available in the original bitcoin client. Users could even use
laptop or desktop computers to mine bitcoins. CPU mining is no longer profitable and now more
advanced mining methods such as ASIC-based mining is used. CPU mining only lasted for around just
over a year since the introduction of Bitcoin and soon other methods were explored and tried by the
miners.
2. GPU Mining - Due to the increased difficulty of the bitcoin network and the general tendency of
finding faster methods to mine, miners started to use GPUs or graphics cards available in PCs to
perform mining. GPUs support faster and parallelized calculations that are usually programmed using
the OpenCL language. This turned out to be a faster option as compared to CPUs. Users also used
techniques such as overclocking to gain maximum benefit of the GPU power. Also, the possibility of
using multiple graphics cards increased the popularity of graphics cards' usage for bitcoin mining.

25
3. FPGA – Field Programmable Gate Array (FPGA) is basically an integrated circuit that can be
programmed to perform specific operations. FPGAs are usually programmed in Hardware Description
Languages (HDLs), such as Verilog and VHDL. Double SHA-256 quickly became an attractive
programming task for FPGA programmers and several open source projects started too. FPGA offered
much better performance as compared to GPUs; however, issues such as accessibility, programming
difficulty, and the requirement for specialized knowledge to program and configure FPGAs resulted in a
short life of the FPGA era for bitcoin mining.
4. ASIC Mining - Application Specific Integrated Circuit (ASIC) was designed to perform the SHA-256
operation. These special chips were sold by various manufacturers and offered a very high hashing rate.
This worked for some time, but due to the quickly increasing mining difficulty level, single-unit ASICs are
no longer profitable. Currently, mining is out of the reach of individuals as vast amounts of energy and
money is needed to be spent in order to build a profitable mining platform. Now professional mining
centers using thousands of ASIC units in parallel are offering mining contracts to users to perform
mining on their behalf. There is no technical limitation, a single user can run thousands of ASICs in
parallel but it will require dedicated data centers and hardware, therefore, cost for a single individual
can become prohibitive.
26
 Mining Pools
A mining pool forms when group of miners work together to mine a block. The pool manager receives
the coinbase transaction if the block is successfully mined, which is then responsible for distributing the
reward to the group of miners who invested resources to mine the block.
This is profitable as compared to solo mining, where only one sole miner is trying to solve the partial
hash inversion function (hash puzzle) because, in mining pools, the reward is paid to each member of the
pool regardless of whether they (more specifically, their individual node) solved the puzzle or not.
There are various models that a mining pool manager can use to pay to the miners, such as the Pay Per
Share (PPS) model and the proportional model. In the PPS model, the mining pool manager pays a flat fee
to all miners who participated in the mining exercise, whereas in the proportional model, the share is
calculated based on the amount of computing resources spent to solve the hash puzzle.
Many commercial pools now exist and provide mining service contracts via the cloud and easy-to-use
web interfaces. Some commonly used ones include AntPool and F2Pool.
Mining centralization can occur if a pool manages to control more than 51% of the network by
generating more than 51% hash rate of the Bitcoin network.
27
 Mining pools coordinate many hundreds or thousands of miners, over specialized pool-mining
protocols. The individual miners configure their mining equipment to connect to a pool server, after
creating an account with the pool. Their mining hardware remains connected to the pool server while
mining, synchronizing their efforts with the other miners.
 Successful blocks pay the reward to a pool bitcoin address, rather than individual miners. The pool
server will periodically make payments to the miners’ bitcoin addresses, once their share of the
rewards has reached a certain threshold. Typically, the pool server charges a percentage fee of the
rewards for providing the pool-mining service.
 Miners participating in a pool split the work of searching for a solution to a candidate block, earning
“shares” for their mining contribution.
 The mining pool sets a higher target (lower difficulty) for earning a share, typically more than 1,000
times easier than the bitcoin network’s target. When someone in the pool successfully mines a block,
the reward is earned by the pool and then shared with all miners in proportion to the number of
shares they contributed to the effort.

28
 Managed Pools
 Most mining pools are
“managed,” meaning that there is a
company or individual running a
pool server. The owner of the pool
server is called the pool operator,
and he charges pool miners a
percentage fee of the earnings.
 Managed pools create the
possibility of cheating by the pool
operator, who might direct the pool
effort to double-spend transactions
or invalidate blocks.
Furthermore, centralized pool
servers represent a single point-of-
failure. If the pool server is down or
is slowed by a denial-of-service
attack, the pool miners cannot
mine.

29
Peer-to-peer mining pool (P2Pool)
 In 2011, to resolve these issues of pool centralization, a new pool mining method was proposed and
implemented: P2Pool, a peer-to-peer mining pool without a central operator.
P2Pool works by decentralizing the functions of the pool server, implementing a parallel blockchain-
like system called a share chain.
A share chain is a blockchain running at a lower difficulty than the bitcoin blockchain. The share chain
allows pool miners to collaborate in a decentralized pool by mining shares on the share chain at a rate
of one share block every 30 seconds.
Each of the blocks on the share chain records a proportionate share reward for the pool miners who
contribute work, carrying the shares forward from the previous share block.
When one of the share blocks also achieves the bitcoin network target, it is propagated and included
on the bitcoin blockchain, rewarding all the pool miners who contributed to all the shares that
preceded the winning share block.
Essentially, instead of a pool server keeping track of pool miner shares and rewards, the share chain
allows all pool miners to keep track of all shares using a decentralized consensus mechanism like
bitcoin’s block‐ chain consensus mechanism.

30
Consensus Attacks
 Bitcoin’s consensus mechanism is, at least theoretically, vulnerable to attack by miners (or pools)
that attempt to use their hashing power to dishonest or destructive ends.
 If a miner or group of miners can achieve a significant share of the mining power, they can attack
the consensus mechanism so as to disrupt the security and availability of the bitcoin network.
 It is important to note that consensus attacks can only affect future consensus, or at best, the most
recent past (tens of blocks). Bitcoin’s ledger becomes more and more immutable as time passes.
 Consensus attacks also do not affect the security of the private keys and signing algorithm (ECDSA).
A consensus attack cannot steal bitcoin, spend bitcoin without signatures, redirect bitcoin, or
otherwise change past transactions or ownership records.
Consensus attacks can only affect the most recent blocks and cause denial-of-service disruptions on
the creation of future blocks.

31
The 51% Attack
 One attack scenario against the consensus mechanism is called the “51% attack.”
 In this scenario a group of miners, controlling a majority (51%) of the total network’s hashing power,
collude to attack bitcoin. If, somehow, an attacker were able to amass 51% of the mining power on a
blockchain, the attacker could feasibly create phony transactions.
 On major blockchains today, a 51% attack is highly unlikely. Established, valuable currencies already have
tens of thousands of miners with incredible amounts of computing power. In order to gain 51% of the
computing power on the mining network, you’d need to invest millions of dollars in hardware.
 A 51% attack can result in successful double-spending attacks, and it can impact consensus and in fact
impose another version of transaction history on the Bitcoin network.
 This event has happened once in the Bitcoin history when [Link], a large mining pool, managed to
acquire more than 51% of the network capacity.
 Theoretical solutions, such as two-phase PoW have been proposed in academia to disincentivize large
mining pools. This scheme introduces a second cryptographic puzzle that results in mining pools to either
reveal their private keys or provide a considerable portion of the hash rate of their mining pool, thus
reducing the overall hash rate of the pool.

32
Proof of Stake (PoS)
This proof is also called virtual mining. This is another type of mining puzzle that has been proposed
as an alternative to traditional PoW schemes.
In this scheme, the idea is that users are required to demonstrate possession of a certain amount of
currency (coins) thus proving that they have a stake in the coin.
 In PoS, the process of adding new blocks to the blockchain and confirming transactions relies on
participants "staking" their cryptocurrency rather than performing energy-intensive computations.
The simplest form of the stake is where mining is made comparatively easier for those users who
demonstrably own larger amounts of digital currency.
The benefits of this scheme are two-fold;
 Acquiring large amounts of digital currency is relatively difficult as compared to buying high-end ASIC devices
and
 Results in saving computational resources.
Different type of stakes is introduced in the following slide.

33
Various Stake Types in PoS
Proof of Coinage
The age of a coin is the time since the coins were last used or held. This is a different approach
from the usual form of PoS where mining is made easier for users who have the highest stake in
the altcoin. The miner is rewarded for holding and not spending coins for a period of time.
Proof of Deposit (PoD)
The core idea behind this scheme is that newly minted blocks by miners are made unspendable
for a certain period. More precisely the coins get locked for a set number of blocks during the
mining operation. The scheme works by allowing miners to perform mining at the cost of
freezing a certain number of coins for some time.
 Proof of Burn (PoB)
PoB, in fact, destroys a certain number of coins to get equivalent altcoins. This is commonly
used when starting up a new coin projects as a means to provide a fair initial distribution. This
can be considered an alternative mining scheme where the value of the new coins comes from
the fact that previously a certain number of coins have been destroyed.

34
Aspect Proof of Work (PoW) Proof of Stake (PoS)
Miners compete to solve complex cryptographic Validators are selected to propose and validate blocks
Core Mechanism
puzzles (SHA-256 hashing) to validate blocks. based on the amount of cryptocurrency they stake.
Requires significant computational power and energy Minimal computational resources; relies on economic
Resource Use
(e.g., GPUs, ASICs) to find a valid nonce. stake rather than hardware.
First miner to solve the puzzle adds the block; others Selected validator proposes a block; others confirm its
Block Creation
verify the solution. validity based on consensus rules.
Miners earn block rewards (e.g., 6.25 BTC currently) Validators earn transaction fees and sometimes block
Reward System
plus transaction fees. rewards, proportional to stake in some systems.
Secured by computational difficulty; 51% attack Secured by economic stake; 51% attack requires
Security
requires controlling majority of hash power. owning majority of staked coins, which is costlier.
Energy High (e.g., Bitcoin network consumes ~150 TWh/year, Low (e.g., Ethereum PoS uses ~99.95% less energy than
Consumption comparable to small countries). its PoW phase).
Probabilistic; longest chain with most work wins (e.g., Deterministic; often includes finality (e.g., Casper’s
Consensus Process
Nakamoto consensus). checkpointing in Ethereum).
Double-spending countered by high cost of re-mining Slashing penalizes misbehavior (e.g., invalid blocks or
Attack Mitigation
blocks; selfish mining risks exist. forks); "nothing-at-stake" mitigated by design.
Hardware Specialized hardware (e.g., ASICs for Bitcoin) increases Standard hardware (e.g., a laptop) sufficient; entry
Requirement entry barriers. depends on coin ownership.
Limited by block time and size (e.g., Bitcoin: ~10 min Higher throughput potential (e.g., Ethereum PoS: ~12
Scalability
blocks, 1 MB limit). sec blocks, adaptable capacity).
Mining pools can concentrate power (e.g., top pools Large stakeholders may dominate; mitigated by
Centralization Risk
control >50% of Bitcoin hash rate). randomization or delegation (e.g., DPoS).
Examples Bitcoin, pre-merge Ethereum, Litecoin. Ethereum (post-2022), Cardano, Tezos, Cosmos.
Layer 2 Solutions
Layer 2 (L2) refers to off-chain scaling solutions built on top of a Layer 1 blockchain (e.g., Bitcoin,
Ethereum) to process transactions more efficiently while still leveraging the base layer’s security.
Transactions are handled off-chain, with only periodic updates or summaries recorded on-chain.
How It Works
[Link]-Chain Processing: Transactions occur outside the main blockchain in a secondary
framework, reducing the load on Layer 1.
[Link] to Layer 1: The L2 system periodically submits proofs or summaries (e.g.,
commitments) to the base layer to ensure security and finality.
[Link] Models: L2 solutions vary in trust assumptions—some rely on centralized operators (e.g.,
custodians), while others use cryptographic proofs (e.g., zero-knowledge proofs).
 Layer 2 Benefits and Examples
Scalability: Processes 100s–1000s of transactions per second (TPS) vs. Layer 1’s 7 TPS (Bitcoin) or 15–30 TPS
(Ethereum).
Cost: Reduces gas fees by batching transactions.
Security: Relies on Layer 1 for dispute resolution or cryptographic anchoring.
Examples of Layer 2 solutions
1. Lightning Network (Bitcoin): A payment channel network where users open two-party channels off-chain.
Transactions occur instantly between parties; only the net result (channel closure) is settled on-chain.
2. Rollups (Ethereum):
Optimistic Rollups: Bundle (or "roll up") thousands of transactions off-chain, posting minimal data on-chain.
Assumes validity unless challenged via fraud proofs within a dispute period (e.g., Arbitrum, Optimism).
ZK-Rollups: Use zero-knowledge proofs (e.g., zk-SNARKs) to cryptographically verify off-chain transactions on-chain
(e.g., zkSync, StarkNet). No dispute period—faster finality.
Sharding
Sharding is a Layer 1 scaling technique that partitions a blockchain’s state and transaction processing
into smaller, parallel segments called "shards." It is performed on-chain by modifying Layer1. Each
shard operates independently, increasing the network’s capacity by distributing the workload across
multiple nodes.
How It Works
[Link] Partitioning: The blockchain’s state (e.g., account balances, smart contracts) is split into
shards, each handling a subset of transactions.
[Link] Assignment: Nodes are assigned to specific shards rather than validating the entire chain,
reducing their computational burden.
[Link]-Shard Communication: Transactions spanning shards require coordination (e.g., via a beacon
chain or messaging protocols).
[Link]: Each shard maintains its own consensus, but a main chain or coordinator often ensures
global consistency.
Sharding (cont’d)
Technical Implementation (e.g., Ethereum Sharding)
•Beacon Chain: A central chain coordinates validators and assigns them to shards.
•Shard Chains: Process transactions in parallel (e.g., 64 shards, each handling ~1000 TPS).
•Data Blobs: Shards store transaction data temporarily, with rollups handling execution,
•Cross-Shard Tx: Uses receipts or asynchronous messaging

Benefits
•Scalability: Linear increase with shard count (e.g., 64 shards could boost Ethereum to ~60,000 TPS).
•Decentralization: Nodes only need to store and process a fraction of the chain.
•Parallelization: Transactions are processed concurrently across shards.