What makes blockchain immutable?

What makes blockchain immutable?

Note: This article is intended to be understandable by non-technical readers, to gain a very technical understanding, refer to our blockchain bootcamp after reading this article.

Contrary to popular belief, blockchains are not immutable because of cryptography, but because of economic incentives. Cryptography is just a nice tool that makes the economic incentive easier to apply.

How can a file be immutable?

A blockchain is a file at the end of the day — it’s a file that contains the transaction history of the network. And we all know that files can be edited. So what makes blockchains immutable?

If you store the same file across thousands of independent computers, and those computers don’t collude with each other, making an identical change on all of the computers is infeasible.

If you make a change on one computer (such as deleting a transaction), the file on that computer won’t match what the other computers have.

The next step to immutability is making changes easy to detect. Blockchains are gigabytes large, so sending an entire file across the network each time you need to compare notes to see if history was tampered with would be too costly.

All files can be succinctly represented with a hash function. A hash function takes an arbitrary file and outputs a number between 0 and

115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,935.

You can think of a Hash Function as generating a digital fingerprint for a large file. If even one-bit changes in the file, the fingerprint will be a totally different number. Thus, it is easy to see if the file changed just by looking at the number.

It’s generated by taking a sliding window over the file and using the file contents to trigger a “scramble” of the large number. Change just one letter, and the scramble will be entirely different. An animation is provided here

For example, it’s easy for you to compare the following two numbers and see:

25699748482000334349659950178510113434625287339471322686429384401650686920510

is not the same number as

111615780842736058021275746192495359629127277574153577922775094394736461370563.

When you see two different very large numbers, you see the two different files it fingerprinted are different.

These very large numbers are referred to as blockhashes.

File → Hash Function → Very Large Number

If you use a block explorer like etherscan.io, you’ll see this Very Large Number referred to as the blockhash. That’s what we’ll call it for the rest of the article.

Instead of sharing the entire file, computers in the network share the blockhash.

Transaction Sequence

When a computer shares a transaction, it needs to share three things:

  1. The blockhash before the transaction

  2. The new transaction

  3. The blockhash after the new transaction

If the blockhash in step 1 doesn’t match a computer’s local blockhash, the computer rejects it. If the blockhash in step 3 doesn’t result after the transaction in step 2, the transaction is rejected.

The only way to convince thousands of computers that your number is valid is to use the same blockhash (which represents your history) as the majority of computers. It’s easier to go with the majority than try to convince the majority they are wrong and this immense difficulty of going against the majority is what makes blockchain immutable and secure.

Ensuring non-collusion

Even if you have thousands of computers around the world, if those computers are actually all controlled by a single entity, then making a change to the blockchain history would be easy for the controlling entity.

The key is to make it hard for one person to participate in a majority of the network. This is what we refer to as “decentralization”

Bitcoin uses a lot of electricity by design, because it is assumed that no single entity can consume a majority of the energy globally.

Ethereum uses proof of stake (you need to lock up Ethereum to participate in the Ethereum) because it is assumed that nobody can buy the majority of the Ethereum and lock it up to control a majority of the computers in the network.

The fewer participants there are in the network, the more likely collusion becomes, which is why blockchains with lots of computers in the network advertise that number.

Relationship with distributed ledger

Blockchains are sometimes referred to as “distributed ledgers.” or in other words, distributed and widely-accepted transaction histories. This is key because being distributed is an important part of being immutable.

As we saw in the first section, unless several copies of the blockchain file are stored around the globe by non-colluding participants, then the file can be mutated.

If a file is managed by only a few computers, then it isn’t really distributed, and thus isn’t really a blockchain.

Economic incentive

A computer in the network will not include a transaction in the network if it believes it would harm itself. For example, you run a computer in the network, and you see an incoming transaction that says “Bob suddenly has a million dollars out of nowhere.” Someone getting money for free (and missing out on the profit) is not something most computers would feel good about, so they reject the transaction and don’t accept blockhashes that correspond to a history containing that transaction. Knowing people won’t accept you inventing transactions that are illegitimately favorable to you discourages people from trying to include transactions like that.

But what if all the computers got together and said “let’s each print ourselves a million coins?” A very interesting economic phenomenon happens: the value of the currency doesn’t change.

Imagine one day the government says “everyone can trade their one dollar bills for ten neo-dollars, 5 dollar bills for 50-neo dollars, and so forth.” What would happen to the value of the currency? Nothing! The price of everything in the economy would simply have another zero in front of it and things would proceed as normal.

For this kind of collusion to happen, everyone needs to agree on exactly how much extra money they will all get. If there is a disagreement, then everyone will have different blockhashes representing their history. If there is a disagreement like that, the network will grind to a halt, because the Transaction Sequence above won’t work anymore. If the network breaks, then everyone loses their money in the system, so there is an incentive to not break the network.

When economic incentive isn’t sufficient

To show immutability is primarily economic, not cryptographic, imagine a group of college students starting a new blockchain, let’s call it college-coin. Their collective net worth is less than $20,000. Then I come along as an evil billionaire with an offer they cannot refuse: give them each $20,000 to edit the blockchain exactly as I want. This is an offer they cannot refuse.

Because they all make identical edits, they all get an identical blockhashes, and the network proceeds as normal. People then show each other this new blockhash when they make transactions, and everyone can spend money normally — but with the new item I added to the history.

Small blockchains with insufficient economic incentives are vulnerable to attacks like these.

Mutual Self Interest

If you tamper with your file, your blockhash won’t match what the rest of the computers have. And if your blockhash doesn’t match what the other computer’s have, you won’t be able to spend money.

Because every participant is incentivized to not tamper with their local copy of the blockchain (and thus get cut off from spending money), the blockchain does not get tampered with. This is what causes the blockchain to be immutable.

All computer files are mutable. But if you put the appropriate economic incentives in place, people won’t change them.