If your friend shows you a medal and says that it proves he’s run a marathon, you might not totally believe him. Yeah, your friend is fit and the medal looks legit; however, this piece of metal does not actually prove that he’s run the 26.2 miles.
This scepticism may seem like semantic hair-splitting, but in the mathematical context of Bitcoin, it is important: yes, it’s extremely likely that a ‘proof of work’ one receives on the internet has been obtained by a hard-working computer; however, this special digital string does not actually prove the work done to obtain it. This cryptographic scheme is basically trial and error. So, it is always possible that the string has been found without doing much work or even in a single hash operation. Similarly, it is always possible that your friend just found the medal at a flea market.
Despite this, people refer to the ‘proof of work’ as what this expression literally means, a proof of work [1]. Experts define it as a ‘form of cryptographic proof in which one party (the prover) proves to others (the verifiers) that a certain amount of a specific computational effort has been expended’. In this view, the reason someone values a medal is not its intrinsic, unique properties, but its relation to a (questionable) story of accomplishment.
In Bitcoin, computers are said to use proof-of-work to ‘secure the network’. This is another intuitive expression that doesn’t reflect the reality of the Bitcoin network, which is peer-to-peer and voluntary. What ‘securing the network’ means specifically in this context is ‘ensuring the integrity and immutability’ of a distributed accounting ledger called the ‘blockchain’. To follow the same analogy, the blockchain is like a medal collection guarded by a team of marathon runners, the Bitcoin Network, whose job is to finish more marathons than other teams. When they see the huge collection on the wall of the Bitcoin team, the other teams are deterred from trying to finish marathons to impose their own medal collection. The Bitcoin Blockchain is thus secure.
But this perspective is wrong. The reason why nodes accept the blockchain is not that it proves the collective effort of Bitcoin miners; they accept it because it is a unique collection of data with its own cryptographic (mathematically provable) integrity. The marathon runners are called miners because they are looking for unique digital strings, not for certificates of achievement. They do not run to secure the network but to find real money [3]. Hence, the Bitcoin network is more like a group of people independently looking for a hidden treasure in a forest, a special number that is hiding somewhere in the natural space of possible solutions to a mathematical challenge. There is no network defined a priori that needs securing; rather, the network is defined retrospectively after this economic fact.
Thinking of the Bitcoin network as a team with a common intention confuses Bitcoin with the organised, centrally governed attackers it is supposed to defend itself from. That’s what the Bitcoin network being decentralised means. When a node decides to join it, it is driven by an economic incentive; the network’s security is merely a consequence of all aggregate decisions. As Nakamoto put it, computers or nodes can ‘leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone’ [2]. This acceptance cannot rest on computational work because the longest chain does not actually prove or measure work.
(This short piece is based on my research article: Maanmieli, Jose, Unique Memory: Bitcoin and the Concept of Money (January 3, 2024). Available at SSRN: https://ssrn.com/abstract=4683277)
References
[1] Jakobsson, M., & Juels, A. 1999 Proofs of work and bread pudding protocols. In Secure information networks: Communications and Multimedia Security. Springer.
[2] Nakamoto, S. 2008 Bitcoin: A peer-to-peer electronic cash system. Bitcoin Project. https://bitcoin.org/bitcoin.pdf
[3] Maanmieli, J. 2019 Money is a token of cooperation: The biology of indirect exchanges. Alethes.net. https://alethes.net/journals/money-is-a-token-of-cooperation.