It’s often argued that Bitcoin is secure because of the immutability of the blockchain on which the currency is built. That’s all well and good. But for many people, Bitcoin is still a new and unfamiliar technology of which they may be suspicious, and anyone conducting transactions where there’s a large amount of money at stake – for example a multi-million Bitcoin payment – is going to want more credible assurance that things really are secure. Providing such assurance involves understanding the technology and what is actually required to hack it. In this article we take a closer look at the mechanisms involved and discuss how the risks can be quantified – and under what circumstances a Bitcoin transaction can be deemed secure.
The security of a Bitcoin transaction depends, among other things, on the immutability of the underlying blockchain, which is ensured by proof-of-work: appending a new block is computationally expensive, so the cost of modifying a block with several confirmations (subsequent blocks) should be prohibitive. But for a multi-million transaction, how many confirmations make the cost really prohibitive?
An attack against proof-of-work consists of the following steps: first executing a payment, then waiting for the number of confirmations agreed upon with the receiver, and finally providing an alternative longer (thus prevailing) version of the blockchain not containing the payment in question (which is then erased). Hence, the attacker must compute a longer fork starting before the block containing the payment in question, and is thus in a race against the main blockchain, which keeps growing. A not-so-good strategy would be for the attacker to start computing the fork only after the required number of confirmations is reached: then, the attacker begins behind, and must catch up in order to rewrite the history. A better strategy would be for the attacker to start computing as soon as the payment is executed: then, the attacker does not begin behind, and must only keep pace in order to write an alternative present. That is already a significant improvement, but the idea of starting computing as soon as possible can be pushed even further.
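For a receiver choosing how many confirmations to require, the two timings described above can be compared numerically. The following Python is an added example, not code from the original article. It assumes the attacker holds a fixed fraction q of the total hash power, that each new block belongs to the fork independently with probability q, and that the fork must end up strictly longer than the main chain; all function names are hypothetical.

```python
from math import comb

# Assumed model: every new block is the attacker's with probability q,
# independently; the fork prevails only once it is strictly longer.

def catch_up(q, deficit):
    """Probability that a fork `deficit` blocks behind ever becomes strictly
    longer than the main chain (gambler's ruin on the block race)."""
    p = 1.0 - q
    if deficit < 0 or q >= p:
        return 1.0
    return (q / p) ** (deficit + 1)

def late_start(q, z):
    """Fork begun only after z confirmations: it starts z blocks behind."""
    return catch_up(q, z)

def early_start(q, z):
    """Fork begun when the payment is executed (requires z >= 1)."""
    p = 1.0 - q
    failure = 0.0
    # k = fork blocks found while the main chain finds its z blocks
    # (negative binomial). k > z means the fork is already longer, so only
    # k <= z can contribute to the failure probability.
    for k in range(z + 1):
        weight = comb(k + z - 1, k) * p**z * q**k
        failure += weight * (1.0 - catch_up(q, z - k))
    return 1.0 - failure

def min_confirmations(q, max_risk, limit=1000):
    """Smallest z for which the early-start fork succeeds with probability
    below max_risk, or None if no z up to `limit` achieves that."""
    for z in range(1, limit + 1):
        if early_start(q, z) < max_risk:
            return z
    return None  # always the case when q >= 0.5

if __name__ == "__main__":
    for q in (0.05, 0.10, 0.25):
        z = min_confirmations(q, 1e-3)
        print(f"q={q:.2f}: z={z}, early={early_start(q, z):.2e}, "
              f"late={late_start(q, z):.2e}")
```

The gap between the `early` and `late` columns shows how much a confirmation policy underestimates the risk if it only accounts for an attacker who starts from behind.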