- Compromising and taking control of the Bitcoin network is a challenging prospect.
- That’s because Bitcoin is cryptographic, irreversible, distributed, and public.
- Brute-forcing private keys, or hijacking the blockchain by controlling 50% of the network’s computing power, are all but impossible.
Name a company, and, odds are, it’s been hacked. With 71% of hacks being financially motivated, it begs the question: Can the Bitcoin network be hacked, too? After all, it’s a tempting target.
We never like to say never at Decrypt, but the answer is: pretty much no. Indeed, Bitcoin has proven remarkably resilient to shocks and stresses throughout its history. And while crypto exchanges have been hacked with depressing frequency, and their stores of Bitcoin redistributed, actually compromising and taking control of the Bitcoin network itself is a far more daunting prospect.
That’s because Bitcoin is cryptographic, irreversible, distributed, and public.
Public key cryptography
Bitcoin is the original cryptocurrency. “Crypto” is short for cryptography, more specifically, “public key cryptography.” That means it uses a private and a public key to ensure the authenticity and integrity of transactions. Bitcoin’s digital signatures are signed using something called the Elliptical Curve Digital Signature Algorithm (ECDSA).
The only way for someone to derive a private key from a given public key would be via a brute-force search—trying every possible value for a private key and seeing if it generated the corresponding public key. In practical terms, that’s impossible, since there are 1,077 possible combinations.
Transactions are irreversible
The clever thing about Bitcoin is that it’s run on a blockchain. A “block” is just a batch of newly processed transactions. Each block is connected to the previous batch of transactions by a one-way cryptographic function, forming a “chain.”
Blockchains are write-only ledgers. You can add information to them, but the blocks, once written, can’t be modified. It’s as if all the transactions are buried beneath the weight of the other blocks.
That means people can’t simply reverse a transaction from a week ago, like your credit card company might after you “accidentally” bought that ill-advised purchase on eBay.
The traditional finance ecosystem relies on centralized parties like banks to keep a record of transactions and prevent fraudulent transactions. But that means you're reliant on those parties to act in good faith, and any one of those parties could adjust the ledger of transactions to fake or reverse a transaction.
Blockchains are different: They’re a type of distributed ledger. Instead of your money sitting in a centralized database, vulnerable to a single point of failure, it’s kind of everywhere (or, more accurately, the record of transactions is distributed among many separate parties).
That may sound like a bad thing, but it’s not. Everyone running the Bitcoin software with a “node”—a computer—is responsible for verifying transactions. The majority of nodes must more or less agree that the record of transactions is accurate before they can be approved. (Don’t worry: It’s automated, so no one’s clicking “Agree” every 10 minutes a new block is made.)
For someone to hijack the blockchain, they’d need more than that. For the Bitcoin blockchain, to carry out such an attack would require the acquisition and coordination of resources beyond even the most powerful countries.
With so many different people running the software—and a collective interest in keeping the valuable coin secure—that’s not likely to happen. It’s simply too expensive and difficult to coordinate.
Everyone can see the transactions on the Bitcoin blockchain. It’s a public ledger. While that means someone can see what’s in your wallet, they don’t know it belongs to you, because your funds are in a pseudonymous address. Moreover, they can’t take your money; only the person who holds the private key to a Bitcoin address can move the funds.
Crucially, because of this transparency, everyone can see the ledger of transactions and verify everything is on the up and up. Anyone is able to audit the system, which breeds trust.