Cryptocurrencies like Bitcoin always promote that blocks are immutable and permanent. Is it true, that blocks from blockchains are immutable?
No, block reorganizations can take place for several reasons. That means that data from before added blocks gets replaced.
Sometimes it happens that a miner has a slow internet connection. Two miners could also mine one block at the same time. What happens afterward?
Nodes can choose on their own what blockchain they want to follow. Usually, they accept the block that they received first. This could create a fork in the blockchain. Some nodes might accept the block from miner A and some nodes from miner B. What happens then?
Nodes follow the blockchain that has the highest block count. If network B would mine the next block in less time, the network would decide to follow them. The reason for this is because they have the longest chain.
Because of that problem, miners usually have good internet connections. At least to other miners. They usually receive a block in <500ms. It makes the network more stable and miners don’t waste time and put in energy into nothing.
Understanding block confirmations
Most exchanges and services only accept transactions after 6 confirmations. Afterward, the transaction is trustworthy. 1 confirmation means that your transaction is in the last block. 2 confirmations mean that there are 2 blocks after your transaction got in a block and so on.
Example: We are in block #1000. 1 confirmation means that my transaction is in block #999. 2 confirmations means that my transaction is in block #998.
The network may reorganize one block. It is also possible that the network reorganizes two blocks. But the chances for it happening is far less than the network reorganizes one.
It is under normal circumstances nearly impossible that the network reorganizes 6 blocks. That’s the threshold where a transaction counts as permanent and immutable.
What happens to my coins/my transaction if blocks get reorganized?
Before your transaction gets into a block, it comes into the Mempool. It’s a pool for unconfirmed transactions. Miners can choose on their own what transactions they take from the Mempool and put in a block.
If blocks get reorganized, your coins are not lost. It means you never did a certain transaction and it never happened because it is not on the blockchain. You could submit a new transaction to the crypto network.
If your transaction had zero confirmations when the reorganization happened, it will be added in the future to the blockchain. It won’t be affected by the reorganization. The reason for this is because it never was on the blockchain. It was waiting in the Mempool to be picked up and included in a block.
Now you have a basic understanding of what happens when blocks get reorganized. Here is an attacking scenario where people can reorganize blocks and do a double-spend. A double-spend means that you can spend the same coins twice.
How does it work?
To perform a 51% attack, you need at least 51% of the total hash power from the network. By controlling that amount, you could mine more blocks at the same time as the whole network.
You start by making a transaction to a service. Afterward, you go back in time around 10 blocks where the transaction was not included in a block. You start mining after that block. So, in the beginning, you are behind. But after some time, you are at a point where your blockchain is bigger than the one from the original chain. It could take 100 or 200 blocks until you reach the points but you will get past the point. The reason for it is because you control 51% of the total hash power. So, you are faster.
Unfortunately, you didn’t only reorganize 10 blocks and put in the energy for 10 blocks. You reorganized ~206 blocks because the main network still mines new blocks and never stops.
It gets harder to reorganize the chain the older a block is. The reason is that the main network still mines new blocks and you have to get all the new blocks.
After your blockchain is bigger, you publish it to the network and you can reorganize the blocks. Afterward, you could spend your coins again because you rewrote some blockchain data.
In Bitcoin’s case, such an attack would cost billions. Also, it is usually more profitable to take part in the network. Mining legitimacy could make you more money by doing that. Small chains, that have less hash power, are more in danger of a 51% attack.
Why miners need to wait for 100 blocks until they can spend their coins
Because of the reorganization problem, miners need to wait for 100 blocks until they can spend the coinbase transaction. The coinbase transaction includes the block rewards and the fees. It’s a mechanism so miners can’t cheat.
If something like this happens, the community could decide to reject that chain and mine on the old chain. So, they would make a hard fork. This requires every member of the network to accept the modified blockchain.
For instance, Ethereum decided to do that after the DAO hack in 2016. They forked the chain. The result was Ethereum Classic, which had the original chain that was affected by the DAO hack. The other chain is now the Ethereum blockchain. It has a rolled back version where the hack didn’t happen.
Why you should never trust a zero-confirmation transaction
There are always people advertising that nobody should trust a zero-confirmation transaction. But why? The reason is, that this transaction is not added to the blockchain yet.
Nodes could lose it. Also, there is the possibility that not even all nodes know that this transaction exists. You can only be sure that this transaction exists if it is on the blockchain. You need at least one confirmation.
Why some services trust zero-confirmation transactions
Now it becomes tricky. The customer wants his transaction to be confirmed as fast as possible. But he would need to wait at least 10 minutes until it is confirmed by the Bitcoin network. Bitcoin miners need on average 10 minutes to find a new block.
This is the reason why some services trust zero-confirmation transactions. They usually handle them differently than transactions that have 6 confirmations and count as trustworthy. Let me give you an example. Let’s say you bought a cloud mining contract for one year. The service itself tells you everything worked fine after you submitted the transaction to the network.
With mining operations, it’s fairly easy to handle that problem. The reason is that they usually payout daily and that is more than enough time for a transaction to get confirmed. They could correct malicious transactions.
The same thing could happen with online shopping. Let’s say you buy a laptop. The service could tell you everything worked fine but doesn’t ship the product instantly. They wait until the transaction has 6 confirmations. If not, they don’t send you the product.
When does a Bitcoin block count as trustworthy and permanent?
A Bitcoin block counts after 6 confirmations as trustworthy and permanent.