We want to make it less attractive to the bad guys to manipulate your chain. For that we go back to the hash function again. We know from a hash that every change of an input will create a completely different output.

In technical terms we can say, if we change one input bit, every output bit has a 50% change to be changed. Now let’s look at a specific output bit, assume bit 17. The statistical chance that this bit is 0 or 1 after a hash is 50%. Let’s assume we like 0 more. Statistically after 2 hash with different input our chance to see a 0 at bit 17 is good. Now make if more challenging. Let’s say we want bit 17 **and** bit 18 be 0. Our chance to see this after a single hash is now only 25%. An average of 4 hash with different input is needed to likely see both bits 0. This goes on, the more bits with predefined output (0) the more inputs we must try. The relation is exponential. How do we change the hash input for our trials? An additional input field called “NONCE” is added. The nonce can be incremented from hash to hash to change the input. A real live example from the BitCoin blockchain required 2^72 different input trials to get the predefined 0’s at a high probability. That means **4,722,366,482,869,645,213,696** hash operations. This makes hashing very time consuming and creates a tremendous electricity bill.

This expensive operation affects both the original owner of the chain and the attacker. Both have the same work to do. You would need help from others to master this huge task. A large network of computers is needed, with thousands of helpers. In Bitcoin these “helpers” are called miners. They don’t work for free. They charge transaction fees and they get rewarded by the system with automatically created coins. The thousands of miners take an average of 10 minutes to find a matching hash. This is only possible when they use special equipment that can hash up to a trillion samples in a second. If a new hash is found the proof-of-work is completed. Thousands work in parallel, but only one is lucky and find the required hash. That means, all other unsuccessful miners wasted their energy.

Now, a single attacker is not able to perform that work in the same time, as long as he has not more helpers than the original chain. He would never catch up with the faster running original chain. Only if he has more than 50% of all helpers working for him, then he might catch up after some time. Who pays the electricity bill and the network fees? It works, but at what price? At the time of writing the cost of a single Bitcoin transaction was above 20 US$.

Your private chain may use less bits for the proof-of -work, but if you make it too easy it becomes attractive for fraud.

Here comes the new idea. We call it backstep blockchain.