Security on the blockchain is a big deal: to protect your crypto investments, you should take it seriously. It’s important to hold your crypto safely, which you can do by using things like offline wallet storage and secure password management software. But it’s just as important to assess the security of the crypto itself – that’s how well its blockchain is protected against attacks.
When it comes to blockchain security, bitcoin’s one of the safest: the network has four factors that contribute to this.
When you send bitcoin (the digital currency with a small “b”) over the Bitcoin network (the blockchain with a capital “B”), that transaction is encrypted into a random string of letters and numbers. That string is called a “hash”: a unique code used in cryptography, hence the word cryptocurrency.
Back in 1995, the US National Security Agency (NSA) came up with a Secure Hash Algorithm (SHA) called SHA-01. That was cutting edge security at the time. Today, Bitcoin uses a much stronger hash algorithm called SHA-256.
The process of hashing is basically just converting a message into a secret code: a hash. Let’s say you wanted to encrypt the word “tree.” A hashing function would take those letters and spit out a random output string like “xGhjj67800aa.” To unlock the hash and decipher the message “tree,” you’d need to know the specific key used to encrypt the message in the first place.
Getting back to Bitcoin, the screenshot below shows recent transactions that are currently “unconfirmed” by the network (the next security feature involves the process of confirming transactions – explained below). Notice how the details of each transaction (like the sender and receiver) are encrypted into a hash.
Once you’ve sent bitcoin from one wallet address to another, the blockchain has to update and show that the receiving wallet now owns the coins. This happens in the mining process, which “confirms” transactions on the network through a series of steps.
First, your transaction is grouped into a block of about 2,000 other unconfirmed transactions. That block is locked by an insanely complex cryptographic puzzle that only powerful computers can solve.
Next, miners compete to solve the puzzle through a process called “proof of work” (PoW). The first miner to prove to the network that they have solved the puzzle wins freshly minted bitcoins, along with the transaction fees of every transaction in the block. In doing so, the miner “confirms” the transaction block on the blockchain.
To give you some context of how complex the puzzle is, here’s a look at how it works. The Bitcoin network creates the puzzle by using a bunch of block and transaction data, which involves a whole lot of hashing. Each transaction within the block is hashed together again and again to produce a “Merkle root” – a kind of digital signature for the group of transactions.
The Merkle root is then hashed together with all sorts of other data from the block (including the hash of the last block) to create a 64-character string of letters and numbers. Each character of the string represents a random value, which gives the string an overall value too.
To crack the puzzle, mining software runs billions of computations on that string, adding something called a “nonce” to it each time to change the overall value. They’re looking for a value that’s less than the value of the “difficulty target” – another 64-character string of letters and numbers that sets the difficulty of the puzzle.
Basically, it’s a massive number crunching exercise – and the miner with the most computer power wins.
When it comes to your digital investments, safety comes first. Of course, it’s always a bonus when safety comes wrapped in a pretty little package.
It takes about ten minutes for miners to solve the PoW puzzle and confirm a block of bitcoin transactions. If an attacker wanted to reverse your bitcoin transaction, they’d need more than half the computing power of the entire bitcoin network to out-muscle the other miners. That's possible in theory – but so far, nobody’s done it.
See, it would cost a lot of money to get that much computing power – so the juice wouldn’t be worth the squeeze to reverse a single transaction. Plus, the attacker would only have ten minutes to complete the attack before another block is added to the blockchain. And once that happens, the attacker would have to reverse two blocks to get their hands on your bitcoin. In other words, your transaction becomes exponentially more secure with each subsequent block.
By the time six blocks are confirmed – about an hour after your transaction started – there’s simply no mathematical way for someone to steal that bitcoin through a network attack.
John Nash famously created the Nash Equilibrium: a game theory concept where each player achieves the best personal outcome by doing what’s optimal for everyone playing the game. Bitcoin is such a perfect example of this concept that some have speculated Nash helped create Bitcoin.
I’ll leave you to ponder that one, but here’s why Bitcoin’s game theory makes it so secure: hacking the network would take an obscene amount of resources, and you’d have practically zero chance of success. It’d be far more profitable to take all those resources and simply mine bitcoin. In other words, by doing what’s best for the group (everyone using the bitcoin network), you’d also be doing what’s best for you personally.
The Bitcoin network’s security is multi-layered. Transaction hashing, mining, block confirmations, and game theory all work together to make Bitcoin’s blockchain impenetrable. Since the first transaction block in 2009, the network has never once shut down – and no bitcoin has ever been stolen from the blockchain. Bitcoin’s track record of security speaks for itself.
This guide was produced by Finimize in partnership with Ledger.
Check out Ledger’s mini-website at finimize.com.
Disclaimer: These articles are provided for information purposes only. Occasionally, an opinion about whether to buy or sell a specific investment may be provided. The content is not intended to be a personal recommendation to buy or sell any financial instrument or product, or to adopt any investment strategy as it is not provided based on an assessment of your investing knowledge and experience, your financial situation or your investment objectives. The value of your investments, and the income derived from them, may go down as well as up. You may not get back all the money that you invest. The investments referred to in this article may not be suitable for all investors, and if in doubt, an investor should seek advice from a qualified investment advisor.