So this this is where the peer-to-peer network is useful.
Every time someone receives a transaction,
they don't just accept it.
What they do is they send it into the peer-to-peer network.
So when someone wants to verify a coin
what they need to do is send it into the peer-to-peer network.
Every transaction in that coin can be verified
by all the other members of the network,
and before the transaction's considered valid,
we need to know that that coin hasn't been already spent in some other way.
So there's two important parts to this.
That means all the nodes must agree on all the transactions.
That requires some sort of timestamp.
Nodes are going to receive messages at different times.
We need to know it's the case that if this coin was spent twice,
that before this one validates the transaction--
We need to ensure that if someone attempted to spend a coin twice
both transactions wouldn't be validated
by having different parts of the network
have different views of that history of all the transactions.
So how do we provide this timestamp?
And we need to remember that
some of these nodes might be malicious.
We have no way to know that all the nodes are trusted.
Anyone who wants can join the network.
We just need to have some honest parties
to validate the transactions.
But we need to know that dishonest parties
can't invalidate the history of transactions.
The key to this is requiring a proof of work.
For each timestemp we're going to have a new block,
and we need to know that creating those new blocks requires work.
If it requires enough work to increase the timestamp,
then it's unlikely that a malicious user
can increase the timestamp faster than the whole network.
So how do we make that hard?
We need some kind of proof--of-work to be embedded in the timestamps.
So here's a way to do a proof-of-work.
In order to prove you've done some amount of work,
you need to find a value of X
where the hash of X starts with some number of 0s.
Doing that requires work if this is a good cryptographic hash function.
At least if we have a random oracle assumption about that hash function,
the only way to find such an X value
is to keep guessing and looking at that output.
So you need to do the amount of work necessary to find that output.
So how much work is that?
How many times do we expect to need to compute the hash function H
in order to find a value of X where H of X starts with 0 to the 10--
starts with 10 consecutive 0s?
