James A. Donald wrote:
> The core concept is that lots of entities keep complete and consistent
> information as to who owns which bitcoins.
> But maintaining consistency is tricky. It is not clear to me what
> happens when someone reports one transaction to one maintainer, and
> someone else transports another transaction to another maintainer. The
> transaction cannot be known to be valid until it has been incorporated
> into a globally shared view of all past transactions, and no one can
> know that a globally shared view of all past transactions is globally
> shared until after some time has passed, and after many new
> transactions have arrived.
> Did you explain how to do this, and it just passed over my head, or
> were you confident it could be done, and a bit vague as to the details?
The proof-of-work chain is the solution to the synchronisation problem, and to
knowing what the globally shared view is without having to trust anyone.
A transaction will quickly propagate throughout the network, so if two versions
of the same transaction were reported at close to the same time, the one with
the head start would have a big advantage in reaching many more nodes first.
Nodes will only accept the first one they see, refusing the second one to
arrive, so the earlier transaction would have many more nodes working on
incorporating it into the next proof-of-work. In effect, each node votes for
its viewpoint of which transaction it saw first by including it in its
If the transactions did come at exactly the same time and there was an even
split, it's a toss up based on which gets into a proof-of-work first, and that
decides which is valid.
When a node finds a proof-of-work, the new block is propagated throughout the
network and everyone adds it to the chain and starts working on the next block
after it. Any nodes that had the other transaction will stop trying to include
it in a block, since it's now invalid according to the accepted chain.
The proof-of-work chain is itself self-evident proof that it came from the
globally shared view. Only the majority of the network together has enough CPU
power to generate such a difficult chain of proof-of-work. Any user, upon
receiving the proof-of-work chain, can see what the majority of the network has
approved. Once a transaction is hashed into a link that's a few links back in
the chain, it is firmly etched into the global history.
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]