Let’s imagine we’re kids again, and we’re sitting in the school playground.
We have our Pokemon trading cards out, and decide that we should trade two cards roughly equivalent in value.
There’s nothing particularly tricky about this exchange — we both agree that the trade is fair, I give you my card and you give me yours. Nice and easy.
Being responsible 10-year-olds, we didn’t need to ask the teacher to supervise the exchange and make sure the cards are traded correctly — it’s obvious who now physically owns each of the trading cards, as they’re now in each of our decks.
I can see them. You can see them. We both agree that the trade was successful.
That was pretty straightforward — everyone got what they wanted and no tears were shed.
But now let’s imagine what would happen if we were trading digital Pokemon cards.
Let’s say I had the most valuable card in the game — of which there was only one — and wanted to transfer it to you.
How could you be sure that I didn’t make a copy of it on my computer before sending it to you, making it much less valuable in the process?
What about if I made a thousand copies and I was selling them all as if they were the only one?
There would be no way for you to make sure I wasn’t doing this.
It would be a bad outcome for you, as well as for the Pokemon trading card community as once-rare cards become worthless with oversupply.
Turns out this problem has a name — the double-spending problem.
It arises in just this situation: when exchanging digital goods, how do you know somebody hasn’t sent the same asset to two people simultaneously?
So how do you solve this problem? How can I assure you that the digital Pokemon card you want me to send hasn’t been duplicated?
Well, we could use a ledger (a record of transactions) to track our trade.
This would need to be controlled by Nintendo, so they could oversee and track every Pokemon trade to make sure nobody is duplicating cards.
However, this approach has a problem.
Now that there’s a third party involved in our trade — a middleman if you will — we’ll always need to go through them to complete our trade.
It’s not just you and me in the schoolyard any more; we need to put our trust in this third party.
We need to trust that they won’t tamper with the ledger.
How can you be certain that the rare card I’m about to give you hasn’t already been duplicated in secret by a Nintendo employee to give to his little brother?
Once again, same outcome — we can’t be 100% sure that nobody has tampered with the ledger.
But here’s a mind-bending idea: what would happen if, instead of keeping the ledger on one computer at Nintendo HQ, we gave a copy of the ledger to every Pokemon trader?
Since there are thousands upon thousands of Pokefans around the world, if everybody kept a copy of the ledger, everybody would be notified when I sent my rare card to you.
And the ledgers would say that only one of these cards exists, so if I duplicated it in secret to keep in my account, my copy of the ledger wouldn’t match everyone else’s, so it would be rejected.
Since the ledger isn’t controlled by any one person or company, it becomes increasingly difficult to try and cheat the system.
You’d have to take control of thousands of computers — more than 50% of them — to gain majority consensus and change all their ledger copies at the same time — a very expensive and time-consuming thing to do.
But how would we actually verify that our Pokemon card trade, and all others for that matter, are correct?
Once we send each other our cards, that transaction, along with a bunch of other recent trades, gets grouped together into something called a block by the software that coordinates all these ledgers.
This block gets given a timestamp and a digital signature to say that all the trades in this group look legit — for now.
We still need to check that our trade doesn’t conflict with any that happened in the past — e.g. if I already sent my rare card to somebody else earlier (the double spending problem again).
To check this, our block gets linked to all the previous blocks in time, forming a chain of blocks (see where this is going?).
In order to link to the growing chain and be confirmed as legit transactions, the info in our block can’t conflict with anything that already exists.
So if I had duplicated my card, sent one copy out earlier then tried to send the second one to you, the history of that trade would already exist, so my second trade to you would conflict and be rejected.
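Here’s that conflict check as a small Python sketch (an added example, not part of the original post). The card names, trader names and the `validate_block` and `replay` functions are made up for illustration.

```python
def validate_block(owners, trades):
    """Return the updated owner map if every trade in the block is valid."""
    pending = dict(owners)  # work on a copy so a bad block changes nothing
    for card, sender, receiver in trades:
        if pending.get(card) != sender:
            raise ValueError(
                f"{sender} does not own {card} (owner: {pending.get(card)})")
        pending[card] = receiver
    return pending


def replay(genesis_owners, blocks):
    """Replay blocks in order, rejecting any block that conflicts with history."""
    owners, accepted, rejected = dict(genesis_owners), [], []
    for index, trades in enumerate(blocks):
        try:
            owners = validate_block(owners, trades)
            accepted.append(index)
        except ValueError as err:
            rejected.append((index, str(err)))
    return owners, accepted, rejected


# Constructed sample data: who owns what at the start, then three blocks.
GENESIS = {"rare-card": "me", "common-1": "bob"}
BLOCKS = [
    [("rare-card", "me", "alice")],   # my first (legit) trade
    [("common-1", "bob", "carol")],   # somebody else's trade
    [("rare-card", "me", "you")],     # my attempt to spend the same card again
]


def demo():
    return replay(GENESIS, BLOCKS)


if __name__ == "__main__":
    owners, accepted, rejected = demo()
    print("owners:", owners)
    print("accepted blocks:", accepted)
    print("rejected blocks:", rejected)
```
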
Are you still with me? We’re almost there.
This all sounds great, but say I was extra greedy and didn’t want to play by the rules.
Say I wanted to go back through the record and remove that first card trade from the record, so I could trade the card again and make more money.
Since that trade would be stored in a block of information, and blocks are linked linearly in time, it’s probably been buried behind a bunch of blocks by now.
Say nine newer blocks have been added in that time since my first trade.
I could go find the 10th block down where my trade is recorded and delete it.
But remember that digital signature that gets put on each block? That is actually generated based on the info in the block, so changing the data (i.e. removing my trade) automatically changes the signature.
And to make things worse for me, every signature in every block after this one is also partly determined by the signature before it, and will change if the previous signature changes.
So not only do I have to fix the signature on the 10th block, but also for the 9 newer blocks in the chain.
And to make matters even worse, I’m currently just doing this on my copy of the ledger.
All other copies are happily agreeing on what already happened.
I have to do all of that work, again and again on more than 50% of the computers in the network to gain the majority consensus.
And to make matters even worse, those digital signatures require your computer to do a lot of hard work to generate.
This means that recalculating those signatures for multiple blocks across the majority of the network would require a staggering amount of computing power — I’m talking multiple warehouses worth of computers, stacked to the ceiling, running 24/7.
So it’s pretty obvious that it’s totally not worth it for me to attempt this, because I’d end up way worse off than how I started.
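The tampering scenario above as runnable Python (an added example, not from the original post). It assumes each block’s “digital signature” is a SHA-256 hash that must start with a few zeros; the field names and the `DIFFICULTY` value are made up, and real networks make the search vastly harder.

```python
import hashlib
import json

DIFFICULTY = 3          # assumed toy setting: hash must start with 3 hex zeros
GENESIS_PREV = "0" * 64

def block_hash(block):
    """Hash the block's contents, including the previous block's hash."""
    body = {k: block[k] for k in ("index", "prev", "trades", "nonce")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def mine(block):
    """The 'hard work': try nonces until the hash meets the difficulty."""
    block["nonce"] = 0
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    block["hash"] = block_hash(block)
    return block

def add_block(chain, trades):
    prev = chain[-1]["hash"] if chain else GENESIS_PREV
    chain.append(mine({"index": len(chain), "prev": prev, "trades": trades}))

def first_invalid(chain):
    """Index of the first block with a bad link, hash or work; None if clean."""
    prev = GENESIS_PREV
    for block in chain:
        h = block_hash(block)
        if block["prev"] != prev or block["hash"] != h or not h.startswith("0" * DIFFICULTY):
            return block["index"]
        prev = h
    return None

def build_chain():
    chain = []
    add_block(chain, [["rare-card", "me", "alice"]])      # the trade to erase
    for i in range(9):                                     # nine newer blocks
        add_block(chain, [[f"common-{i}", "bob", "carol"]])
    return chain

def tamper_and_repair():
    chain = build_chain()
    chain[0]["trades"] = []                 # delete my first trade
    broken_at = first_invalid(chain)        # any honest checker sees this
    remined = 0
    for i in range(broken_at, len(chain)):  # redo the work, block by block
        chain[i]["prev"] = chain[i - 1]["hash"] if i else GENESIS_PREV
        mine(chain[i])
        remined += 1
    return broken_at, remined, first_invalid(chain)
```

`tamper_and_repair()` returns `(0, 10, None)`: the edit is caught at the tampered block, and all ten blocks have to be redone before this one copy of the ledger checks out again, while every other copy still holds the original chain.
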