It’s no secret that Bitcoin is secure. The network has operated with 99.99% uptime1 since its inception. Despite having a trillion-dollar target on its back, hackers have never broken into a single account.
Understanding why Bitcoin is so secure isn’t so simple. And understandably so. Bitcoin’s security model upends how we usually think about protection.
Typically, we think of security as gatekeeping. Banks defend your account by knowing who you are and expecting you to be able to prove it. On the other hand, Bitcoin doesn’t know your identity and doesn’t care to find out. A bank keeps your account balance confidential so as not to attract unwanted attention. As an open network, Bitcoin puts holdings on display for the world to see.
So just how does Bitcoin pull it off? When considering Bitcoin’s security, we’ll focus on three attributes: proof-of-work, decentralization, and the power of large numbers. Proof-of-work and decentralization protect Bitcoin at the network level. At the same time, large numbers are, crazy as it may seem, the solution to securing individual accounts.
A blockchain is nothing more than a means of sharing data in a way that is resistant to tampering. In the case of Bitcoin, it secures its ledger through proof-of-work.
Miners compete to add blocks of transactions to the chain in exchange for bitcoin payments. These payments include the block subsidy2 and transaction fees. But to add a block, Bitcoin’s protocol imposes what amounts to a toll on miners.
The toll comes in the form of requiring a valid proof-of-work for every block. In brief, miners collectively perform quadrillions3 of computations that generate random numbers. The first miner who generates a number belowa set target wins the block. Proof-of-work is the act of producing these random numbers until a miner finds a sufficient one.
Creating a valid proof-of-work requires specialized hardware and, more importantly, a lot of energy. Miners bear both of those costs. Furthermore, nodes reject blocks that include invalid transactions such as double spends. Therefore, a miner that tries to slip a bad block into the chain risks their effort going to waste. Consequently, proof-of-work is a deterrent to adding invalid blocks and ensures that miners have skin in the game.
As more miners compete to add new blocks, generating a valid proof-of-work becomes progressively more difficult. If a miner wanted to attack the blockchain by reordering blocks (that is changing the history of the ledger), they’d need to accumulate 51% or more of the network’s computational power, an almost unthinkable task at this point in Bitcoin’s evolution.
Unlike the overwhelming majority of websites, Bitcoin isn’t run on a centralized server. Instead, the Bitcoin network lives on computers, known as nodes, that its participants run voluntarily.
The implication is that hacking Bitcoin's software would mean accessing tens of thousands of individual machines. Of course, hackerscould attempt to corrupt any single device. However, thousands more would still hold the proper code and an accurate copy of the blockchain.
While Bitcoin's architecture is slower than a centralized network, it's nearly impossible to take down. If even asingle node were left unscathed from an attack, Bitcoin wouldn't skip a beat.
Bitcoin doesn't hold any information about its users. Alternatively, Bitcoin secures accounts through private keys that are just huge numbers. Hard as it is to believe, the range of numbers is so vast that guessing just one tied to any bitcoin is physically impossible. A successful guess would theoretically require harnessing the power of a star and take more time than the expected life of the universe.4
For a sense of scale, consider the following. People often compare the amount of private key combinations to the number of atoms in the universe.5 The comparison isn't to galaxies, stars, or grains of sand, but atoms, the building blocks of all matter.
Quite simply, Bitcoin protects addresses through the immutable laws of physics. In a world of supercomputers, you might think it’d be possible to have a machine start at one and work its way up until it hit the jackpot. But physics makes such an act prohibitively expensive. Anyone who wanted to try that gambit would be better off, economically speaking at least, using all of that raw energy and processing power to just mine bitcoin.
The incomprehensibly low probability of randomly guessing a private key is the crux of why the Bitcoin network is as safe as it is. Anyone who would choose to attack the Bitcoin network would have to do so for reasons other than economic gain.