Figure 1. Proof of work allows multiple miners to secure the blockchain without relying on a single central authority.
Q1: Why is relying on one “Lisa” problematic with respect to transaction censorship?
With one single miner (Lisa), that miner becomes a central authority who can censor transactions, for example, refusing to include payments for cookies. Multiple miners allow a user to send transactions to any of them, making censorship much harder.
Q2: How do we replace Lisa’s single authority with multiple block producers?
By letting anybody become a miner. Each miner competes to produce the next block, so no single person can decide unilaterally what transactions to include.
Q3: What was the "lucky number" approach, and why was it naive?
The lucky number approach had each miner pick random numbers hoping to “draw” a low-enough number to publish a block. It was naive because no one could prove the miner was being honest in its number drawing. Cheating was undetectable.
Q4: What does proof of work do differently?
Instead of trusting random-number drawing, miners must find a block header whose double SHA256 hash is below a certain target. Verifiers can easily confirm a valid block header by re-hashing. It's proof the miner did the required (hard) work.
Q5: Why do we need to adjust the proof-of-work target every so often?
More miners join, or miners add more hardware, changing the total hashrate. If hashrate grows, blocks are found too quickly, accelerating money creation. Difficulty adjustments keep the block time ~10 minutes.
Q6: How is the new target calculated?
After each 2,016-block period (“retarget period”), the protocol checks how long that period took compared to the intended two weeks (14 days). It adjusts the target proportionally (with limits of ×4 or ÷4 at most) to bring the block production rate back to ~10 minutes.
Q7: How do miners occasionally produce blocks on different branches?
Sometimes two miners find a valid proof of work at nearly the same time. Each publishes its block. Now there are two valid blocks at the same height—a split.
Q8: How is such a split resolved?
Eventually another block is found and published atop one of these competing blocks. Whichever branch becomes longer (or has the most accumulated proof of work) is accepted by all miners. The shorter branch is abandoned (“becomes stale”).
Q9: How can a miner with some hashrate attempt a double spend?
By secretly creating a competing chain containing a conflicting transaction. Once the victim sees confirmations on the honest chain and hands over goods, the attacker tries to release the secret chain that excludes (or conflicts with) the honest transaction, reversing it.
Q10: Why do merchants wait for multiple confirmations?
The more blocks confirm a transaction, the harder it is for an attacker to produce a stronger private chain from that transaction's ancestor block onward—especially if the attacker has < 50% of the total hashrate.
Q11: Why do transactions include fees?
Q12: How does a miner collect these transaction fees?
By adding them to the coinbase transaction. The total output of the coinbase is the block subsidy (newly minted) plus the sum of all transactions' fees in that block.
End of Study Notes for Chapter 7. We now have a decentralized proof-of-work mining system where miners compete to produce blocks and collect rewards, making transaction censorship much harder!