Blockchains exist because Bitcoin solved the Byzantine Generals Problem. The thought experiment is this: imagine a city under attack by four generals. If all the generals attack at the same time, they are guaranteed to win and capture the city. If they attack at different times, they lose. They can send each other messages, but one of the generals is a traitor. There is no way to tell whether a message is legitimate and from one of the honest generals, or if the message is, in fact, a trick from the enemy.
So how do you solve this problem? How do you defend the truth from fakes, frauds, and saboteurs? Satoshi Nakamoto’s answer was to create a game with three elements: randomness, costs, and rewards. First you set up a hard puzzle that gets increasingly difficult as more people try to figure it out. The puzzle is based on the SHA-256 hashing algorithm and the only computers capable of successfully mining for the answers today are specially made ones called Application-Specific Integrated Circuits, or ASICs. SHA-256 provides the randomness because each problem and solution is unpredictable. Buying, maintaining, and powering the ASICs are the costs. The rewards are the bitcoins (BTC) themselves. Everyone must pay to play. Only players who follow the rules can win. Who wins each round is random.
Back to the generals. Imagine each general has a mathematician with them called a cryptographer who can solve these math puzzles in about ten minutes. These expert cryptographers are highly skilled, rare, and expensive to employ. The generals are in constant communication via raven or pigeon or some other clever flying creature. Each cryptographer works on the puzzle via trial and error. Every ten minutes, one of them reaches the correct answer, and they all get a new puzzle.
The communication they send off also contains the message (attack or not) and a signature from the general. The cryptographers can translate all this info: the message, the signature, and the puzzle’s solution into a single number. But before this happens, they check the signatures and messages. If the signature is not valid, it is easy to tell, and the message automatically gets rejected, never making it into the final number.
The first general to send off the solution that gets verified by the other generals wins, let’s say, some caffeinated beverage to keep the cryptographers going. The traitor is in a tough position. If he tries to cheat or offer a fake solution or message, it will be easy to tell, and he will always lose. His cryptographer will eventually become exhausted without a steady supply of ancient Red Bull. They’ll be forced out of the game. If you play this game long enough, and even with many more generals, as long as you assume that at least 51% of the cryptographers create an honest majority, then the truth will consistently show up and the fakes will be forced out. The game is called Proof of Work (PoW). Energy is needed to play, and energy can only be sustained for so long without replenishment.
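The game described above, as an added sketch that is not code from the original essay or from Bitcoin: badly signed messages are dropped, the rest are hashed with double SHA-256 until the result falls under a target, and any other general can check the answer with a single hash. The keys, the message encoding and the 16-bit difficulty are constructed for illustration, and an HMAC tag stands in for a real public-key signature so the block runs on the standard library alone.

```python
import hashlib
import hmac

# Constructed sample keys; the difficulty is kept tiny so the search finishes quickly.
KEYS = {"general-1": b"k1-constructed", "general-2": b"k2-constructed", "general-3": b"k3-constructed"}
DIFFICULTY_BITS = 16  # leading zero bits required (assumption; real targets are far harder)

def sign(sender, order):
    """HMAC tag standing in for the general's signature (assumption, see lead-in)."""
    return hmac.new(KEYS[sender], order.encode(), hashlib.sha256).hexdigest()

def valid(msg):
    sender, order, tag = msg
    return sender in KEYS and hmac.compare_digest(sign(sender, order), tag)

def block_hash(prev_hash, messages, nonce):
    """Messages, signatures and the puzzle solution folded into a single number."""
    body = prev_hash + "|" + ";".join(",".join(m) for m in messages) + "|" + str(nonce)
    return hashlib.sha256(hashlib.sha256(body.encode()).digest()).hexdigest()

def meets_target(digest_hex, bits=DIFFICULTY_BITS):
    return int(digest_hex, 16) >> (256 - bits) == 0

def mine(prev_hash, candidates):
    """Reject badly signed messages first, then search nonces by trial and error."""
    accepted = [m for m in candidates if valid(m)]
    nonce = 0
    while not meets_target(block_hash(prev_hash, accepted, nonce)):
        nonce += 1
    return accepted, nonce

def verify(prev_hash, messages, nonce):
    """What every other general does: signature checks plus one hash, no search."""
    return all(valid(m) for m in messages) and meets_target(block_hash(prev_hash, messages, nonce))

def demo():
    genuine = [("general-1", "attack", sign("general-1", "attack")),
               ("general-2", "attack", sign("general-2", "attack"))]
    forged = ("general-3", "retreat", "00" * 32)  # traitor's message with a made-up tag
    accepted, nonce = mine("00" * 32, genuine + [forged])
    # Changing an order after the fact breaks the signature check.
    tampered = [("general-1", "retreat", genuine[0][2])] + accepted[1:]
    return accepted, nonce, verify("00" * 32, accepted, nonce), verify("00" * 32, tampered, nonce)
```

Finding the nonce takes tens of thousands of hashes on average at this difficulty, while checking it takes one; that asymmetry is the cost the essay describes.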
Changing the core mechanics of a live network is like switching out a plane’s engine in the air. You wouldn’t do it, and you couldn’t convince other people to follow along unless they all believed the new engine was better. It also reveals a stance on progress. It is okay to pursue change and make something more capable, more efficient, even more fair, if the conditions are right.
Even though Ethereum started with Proof of Work, the network successfully switched to Proof of Stake in 2022. You still need all the same elements to solve the Byzantine Generals Problem: randomness, rewards, and costs. And Ethereum still rewards players in its native asset: ether (ETH). But randomness is created not as a byproduct of a puzzle that requires massive amounts of computation to solve. Instead, two programs are used specifically to generate and guarantee randomness: RANDAO and Verifiable Delay Functions (VDFs). The result is about 99.9% less electricity needed to power the network. The costs in Ethereum’s Proof of Stake, instead of being machinery and power, are the opportunity cost of staking: the time you don’t get to use your ETH because it’s locked up, which also makes it vulnerable to getting slashed, the punishment for cheating.
Back to the generals. As before, messages (attack or not) still need a signature to be authentic and everything is still communicated in numbers. The game, however, has changed dramatically. In Proof of Work, the cryptographers were stand-ins for the ASICs, specialized supercomputers used to mine bitcoin. In Proof of Stake, our cryptographers will be stand-ins for staked (locked up) ether inside of ordinary computers. The change in metaphor follows the change in tolerance for breaking the rules. If 51% of the total power of the ASICs wanted to corrupt the network, it could do so. If 2/3 or 66% of the total ether staked wanted to corrupt the network, it could also do so.
Instead of each general needing a rare, expert cryptographer, Ethereum’s generals have many entry-level cryptographers good enough to communicate in the same language and check each other’s work. One game requires common players, the other uncommon. Proof of Stake is also more like an elaborate voting system than a race.
For the sake of the thought experiment, there are still four generals total, and they each have roughly the same amount of power, but now each general controls thousands of cryptographers. In this contest, they must form groups called validators made of 32 cryptographers. Each validator group is like a delegation, a representative for the general. The validators from all the generals are sent to a field full of tents where they will form committees, do math, and vote. The generals are in constant communication with their delegation, still via clever birds, but the cryptographers are not free to leave at any time. They must request and be granted approval to leave the field. The cryptographers are vulnerable. If a group is caught cheating, they are slashed: murdered, in our thought experiment.
Each validator group must be on stand-by at all times, ready to vote or pass on new messages by strictly following the rules. Every 6.4 minutes, they form a committee of 128 validators. One of the validator groups in the committee will be selected randomly every 12 seconds to pass on all the messages from the generals, and everyone else in the committee will check the math, signatures, and give their seal of approval or not. When there are enough votes, that validator group and the block of messages it creates become valid. After 32 rounds of voting (every 6.4 minutes), the blocks that have the most votes are solidified as honest. Cryptographers in validator groups who fail to perform are executed, usually one at a time, or limb by limb, and sometimes slowly.
In Proof of Stake, it’s more about the fear of costs that prevents the traitor from spreading lies. A small, innocent-seeming break of the rules is forgivable; only a few cryptographers or limbs are taken. But even a small amount of loss means less representation in later rounds of voting, which means less influence overall. If many validators are caught cheating at around the same time, the system assumes some kind of coordinated coup attempt is taking place. This is a big no-no. The system responds with a mass slashing event. An escalation with the most severe penalty: complete annihilation of the group.
Ethereum is made of hundreds of thousands of unpowerful computers acting as nodes and validators to keep the network suspended in a perpetual state of agreement. A power source would always exist, but it could be spread out, hard to predict, and always on the move, with backup plan upon backup plan for what happens if it gets compromised.
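A toy model of the two rules above, added here as an illustration and not taken from the essay or from Ethereum's code: votes pass only with 2/3 of all stake, and the share of stake a slashed validator loses grows with how much stake is caught in the same window. The population (four generals with 25 validators of 32 units each) and the two penalty constants are assumptions chosen for the example, not Ethereum's parameters.

```python
from fractions import Fraction

SUPERMAJORITY = Fraction(2, 3)    # threshold named in the essay
MULTIPLIER = 3                    # assumed: penalty grows 3x faster than the share caught
MIN_SHARE_LOST = Fraction(1, 32)  # assumed floor for an isolated offence

def make_stakes(generals=4, validators_each=25, stake=32):
    """Constructed population: equal generals, each validator holding `stake` units."""
    return {(g, i): Fraction(stake) for g in range(generals) for i in range(validators_each)}

def share_of(stakes, general):
    """Fraction of all remaining stake that one general still controls."""
    total = sum(stakes.values())
    return sum(s for (g, _), s in stakes.items() if g == general) / total

def supermajority(stakes, voters):
    """True when the voting validators hold at least 2/3 of all stake."""
    return sum(stakes[v] for v in voters) >= SUPERMAJORITY * sum(stakes.values())

def slash(stakes, offenders):
    """Slash validators caught in the same window; more stake caught means harsher loss."""
    caught = sum(stakes[v] for v in offenders) / sum(stakes.values())
    share_lost = max(MIN_SHARE_LOST, min(Fraction(1), MULTIPLIER * caught))
    return {v: s * (1 - share_lost) if v in offenders else s for v, s in stakes.items()}

def demo():
    stakes = make_stakes()
    traitor = [v for v in stakes if v[0] == 3]
    lone = slash(stakes, traitor[:1])         # one slip: a small, fixed loss
    coup = slash(stakes, traitor)             # 25% of stake caught together
    mass = slash(stakes, list(stakes)[:34])   # over a third caught: total loss
    return lone[traitor[0]], coup[traitor[0]], share_of(coup, 3), mass[(0, 0)]
```

In this model a lone offender keeps 31 of 32 units, a general whose whole delegation is caught keeps 8 per validator and drops from 1/4 to 1/13 of the vote, and a coordinated group holding more than a third of the stake is wiped out.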
A mathematician friend of mine once told me that simplifications are like lies. So, if you’re confused by any of this, know that the whole truth is far more complex than the author can comprehend, so you are not alone. And the heresies continue below.
Cryptography has been used for thousands of years to defend secrets via encryption, a technique we still use today to keep our chats and credit card information private. But the kind of cryptography that made blockchains possible had more to do with the discovery of techniques to restrain truth to a very specific, provable form. A way to verify an authentic message from an honest general. By seeing a few sets of numbers and using a specific set of operations, a cryptographer could know, without reasonable doubt, that the only way to produce such numbers was to have access to a private key: a secret password.
Let’s take a simple example to illustrate the concept. Even a number like 10 can contain a lot of information. For example, to get to 10 using only addition or multiplication, you could do: 5 + 5; or 5 x 2; or 1 + 2 + 3 + 4; or 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1; 10 x 1; and so on.
There are many paths to 10. ChatGPT tells me there are 42 to be exact if we only use positive whole numbers and addition. It also tells me I need to be more specific with my question because allowing mixed operations (addition and multiplication at the same time), permutations where different orderings count as distinct paths, whether to use parentheses for grouping, and defining the order of operations, can all greatly expand the number of ways to get to 10.
What happens if you make the numbers impossibly large, bigger than all the atoms in the universe, if you are only allowed to use certain kinds of numbers, if the numbers can only be manipulated and combined with other numbers in only very specific ways? You get equations complex enough to verify entire computer networks. But you still get repeatable steps. Steps that can be redone or checked using a different, completely independent source following the same rules that traces its logic all the way back to the geometry you learned in high school, which originated about 2300 years ago from a fellow called Euclid.
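To make "a few sets of numbers and a specific set of operations" concrete, here is an added example, not from the original essay: textbook RSA signing, with the private exponent derived by Euclid's algorithm. It swaps in RSA for the elliptic-curve signatures blockchains actually use, omits the padding real RSA requires, and uses two small constructed primes, so it shows the verification idea only.

```python
import hashlib

# Constructed toy parameters: two Mersenne primes. A modulus this small can be
# factored in moments; real keys use primes hundreds of digits long.
P = 2**31 - 1
Q = 2**61 - 1

def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e=65537):
    """Return (public, private) as (n, e) and (n, d), where e*d == 1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    g, d, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    return (n, e), (n, d % phi)

def digest(message, n):
    """Turn the message into a number below n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    """Only the holder of d can produce this number."""
    n, d = private
    return pow(digest(message, n), d, n)

def verify(message, signature, public):
    """Anyone can redo this step with the public numbers alone."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)

def demo():
    public, private = make_keys(P, Q)
    order = b"attack at dawn"
    sig = sign(order, private)
    return verify(order, sig, public), verify(b"retreat at dawn", sig, public)
```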
Math expresses the shared reality of numbers. It can be trusted by friends and enemies alike. Math has its own authority and can be used to create long chains of logic tied to some core mechanism like the agreement engine of Proof of Stake.
Until very recently, technology tended to let us do more with less. This trend continued until we reached the ultimate power, the capacity to destroy the world with a press of a button. Blockchains don’t follow the power-maximization trend. Ethereum never tried to be the fastest, cheapest, or easiest to use. It sacrificed the obvious things to be the most decentralized, which made it the hardest to control so it could be the most “credibly neutral”. It follows a trend more like that of social progress, which limits the abuse of power and attempts to maintain at least some illusion of fairness.
I think one of the most valid criticisms against crypto is that it’s not good for anything. “A solution looking for a problem.” My suspicion is the problems this technology solves do not fit in the world as it currently is. It’s not quite profit-maximizing. It doesn’t recognize national boundaries. If it’s not good for nothing, which is a big if, it may be good for classes of problems where people have either given up looking for solutions or have developed opinions constrained to the current state of the world.
For example, adversaries with nuclear weapons are locked in a deadly game of chicken. No one wants to give up or back down first, especially if tensions are high. Emotions overcome logic when pride and violence are in play. It’s a mad game, but we have never had a better option. If it’s obvious that no one wants nuclear war, then using a neutral set of rules to restrict any one country from starting a sequence of world-ending events seems logical.
Let’s imagine a set of rules written in code where a nuclear weapon could only be activated if some supermajority of 2/3 of the world’s governments said yes (asteroid or alien invasion are obvious use cases). The governments may not trust each other but they should trust a system rooted in the logic of math, which they can all independently verify, and all participate in maintaining. They could keep their arsenals where they are but begin moving control to tamper-proof hardware designed to obey a common set of tamper-proof software. Inspectors could physically investigate every weapon to verify they follow the global consensus. Backup plan after backup plan could be made in case of errors. Rogue actors, cheaters, and others in the dishonest minority could be identified and neutralized.
The game of nuclear chicken still exists, but we could slowly move it from an adversarial game to a cooperative one. Makes sense to me.