How does the Bitcoin network maintain security?

Bitcoin was born on November 1, 2008, and has been running for 13 years now, with a market capitalization exceeding $700 billion. Years of impressive rise have made Bitcoin legendary. According to normal institutional operations, the larger the size and the more data, the more susceptible it is to hacker attacks, and the higher the maintenance costs. Bitcoin has no central control and its code is open source, so how does it maintain operational security? And who is maintaining it? Has Bitcoin itself ever had security vulnerabilities? With the Bitcoin network running for so long, has it ever been attacked by hackers?

Bitcoin code Open Source

First, let's talk about Bitcoin code being Open Source.

On November 1, 2008, after the release of the Bitcoin white paper, Satoshi Nakamoto began developing software to implement the rules of the Bitcoin white paper, and in January 2009, packaged the first block, earning a reward of 50 Bitcoins. Bitcoin was officially born, and at the same time, the Bitcoin network was also officially born. In this network, the Bitcoin code can be modified, and the parameters for the initial issuance reward of 50 can also be modified. Hearing this, some may be astonished. Isn't the foundation on which Bitcoin relies its fixed total supply? If it can be changed, isn't that inflation at any time?

But why is no one actually changing it? It's because changing it wouldn't make a difference!

The foundation of Bitcoin and the Bitcoin network's operation is consensus. Bitcoin is based on consensus, and as more people recognize it, its price can rise. The Bitcoin network, based on the consensus of a constant total issuance of 21 million, is what motivates miners to mine. If the rules change, everyone needs to reach a new consensus. If no one accepts the new rules and no one mines under the new rules, value cannot be formed.

In the history of Bitcoin development, have there been proposals to modify the rules that were supported by miners?

Yes, it is. As Bitcoin becomes increasingly accepted, the limitations of its block size and the ability to process only 7 transactions per second have become more apparent. In July 2017, to address the issue of congestion in the Bitcoin network, two factions emerged. One faction advocated for retaining the 1M block size, adopting Segregated Witness to indirectly expand capacity, and using the Lightning Network to alleviate pressure; the other faction called for directly increasing the block size to expand capacity. The two sides could not reach a consensus, leading to the outcome that the latter separated from Bitcoin and ultimately became Bitcoin Cash.

So theoretically, anyone can modify the code and rules. In practice, if no one recognizes it, the modification is useless; if some agree with the modification, then the part that agrees will separate from the Bitcoin network and become a new chain and coin. Therefore, theoretically the issuance parameters of Bitcoin can be modified, but in reality, no one can change them.

02 Bitcoin is not centrally controlled, so who is maintaining the security of the Bitcoin network?

Has Bitcoin itself ever had security vulnerabilities? Bitcoin has no central control; so who maintains the security of the Bitcoin network?

Bitcoin has no central control, but the actual network security, code vulnerability fixes, and upgrades of Bitcoin are maintained by the Core development team. It must be stated that the Core development team is not a centralized company in the traditional sense, but rather consists of some core developers and a Bitcoin development community that includes many short-term contributors, functioning as a non-profit organization. The Bitcoin network has indeed experienced security vulnerabilities, particularly in its early days, but all have been addressed by this organization.

For example, the value overflow incident that occurred on August 15, 2010, is known as the biggest vulnerability in Bitcoin. A core developer discovered that one Bitcoin block recorded two transactions totaling 184.4 billion Bitcoins, bypassing the original Bitcoin verification system. This shocking vulnerability nearly ended Bitcoin's existence, as the total issuance of Bitcoin is only 21 million. The creation of 184.4 billion Bitcoins out of thin air directly shattered the trust basis of Bitcoin. If this vulnerability is not fixed, the value of Bitcoin will immediately drop to 0.

After the vulnerability was exposed, Core developers immediately took action to clear 184.4 billion transaction records, and within 5 hours of the incident, released version 0.3.1 of Bitcoin, fixing the vulnerability with a soft fork. The patched rules ensured that any value overflow transactions would no longer occur. Afterwards, the Bitcoin network experienced some minor vulnerabilities, but they were all fixed one by one.

Why can vulnerabilities be quickly fixed?

In addition to the timely discovery and repair by the Bitcoin Core development team, it is also because the confirmation data rule of Bitcoin is: the longest chain rule, which allows the Bitcoin network to have room for repair. This means that a node's workload can only yield rewards if recognized by other nodes. The more recognition obtained, the longer the generated chain, and the more rewards earned from mining on that chain. Conversely, the less recognition there is, the shorter the chain becomes, and the less likely it is to yield rewards.

The correction of Bitcoin errors is the process where a good chain generates a long chain under consensus, while the bad chain is discarded as a short chain.

So although the Bitcoin network code is Open Source, there is no need to worry about operational security. Because who modifies the rules and code is not important, what matters is gaining recognition.

51% Hash Rate Attack

Since it is the longest chain principle, there is another question. As long as one controls 51% of the computing power, wouldn't it be possible to launch an attack on the Bitcoin network and destroy it?

So what is a 51% hash power attack? It means that originally everyone is mining on one chain, and if a certain person controls more than 51% of the hash power, they can start mining on a new chain, which can completely surpass the original chain in speed. According to the longest chain priority principle, the new chain can replace the old chain as the main chain. All transaction records on the old chain will become invalid.

Why would this become an attack?

This is because if this situation can really happen, then an individual who controls 51% of the hashing power can spend all the coins in their account and record this transaction on the old chain, and then start mining on the new chain (the new chain does not record the transactions of coins that have been spent), allowing the new chain to exceed the length of the old chain. Then the old chain will become invalid, and the expenditures recorded on the old chain will also become invalid. The coins that have been spent are equivalent to still being in their account. This is the famous “double spend attack.”

Imagine this: the money in someone else's account can be repeatedly spent without end. Your own account receives money, but it disappears again and again. Would you still use this cryptocurrency? Definitely not.

So once a double-spending attack occurs and is successful, the credibility of that coin will greatly diminish. If such an attack happens and cannot be prevented, that coin will be directly destroyed, as it will have no security at all. It sounds so terrifying. Has Bitcoin ever suffered from a 51% hash power attack?

No, it hasn't. Why?

This is because Bitcoin has now become a behemoth, and acquiring 51% of the computing power is extremely costly. Furthermore, the return on such a massive investment to attack the Bitcoin network is particularly low. Assuming someone controls 51% of the computing power and initiates an attack, what can they gain? They can only obtain: 1) Modifying their own transaction records, such as double spending; 2) Preventing the confirmation of some or all transactions. However, they cannot generate Bitcoin out of thin air, nor can they alter the amount of Bitcoin produced in each block. By any calculation, this is a significant loss-making venture. Therefore, it is unlikely that anyone would do it.

In addition, Bitcoin has a second layer of protection - full node defense.

In other words: even if there is a bully hash power, it is difficult to destroy the Bitcoin network. Once there is rebellious hash power in the Bitcoin network attempting to change the Bitcoin consensus, the Bitcoin network composed of full nodes can reject these transactions. Therefore, a 51% hash power attack is nearly impossible to occur. The larger the development of the Bitcoin network, the less likely it will happen.

In addition, Bitcoin also has issues such as node malfeasance stealing funds in the Lightning Network, DoS attacks, and other vulnerabilities. The Lightning Network version update in 2019 established a fraud penalty mechanism using the RSMC protocol to fix these vulnerabilities. Once a “thief” attempts to steal funds on the Lightning Network and is detected, they will not only lose the stolen funds but also all the funds in the related channels.

Summary

In summary, the reason why the Bitcoin network has been able to operate securely for so long is not that the Bitcoin network itself is flawless, nor that it has not been attacked, but rather based on its consensus mechanism, longest chain priority principle, the presence of full nodes, and the support of the Bitcoin Core open source, which allows many developers to voluntarily patch vulnerabilities, enabling the Bitcoin network to self-repair and defend against attacks. **$PUFFER **$PUMPBTC **$PUMP **