I am new to Blockchain, learning to implement it in javascript while understanding things. I have one question that I tried to search a lot, didn't get any clear explanation.
Question : Lets suppose I have 3 transaction records and previous block hash. I also found out the Nonce value. Combined I got desired hash of 4 '0's at front. Now everywhere I read, it says this proves the validity of block. But How?! I mean, What if before finding hash, I (or someone) TAMPER WITH THOSE 3 TRANSACTIONS. I could again find a hash with 4 '0's but this time I altered AMOUNT in those 3 transactions (making them faulty).
How can we be sure that those transaction amounts are LEGIT. Consider this is the newest block, I am concerned about validity of those 3 transaction records.
If proof of work doesn't guarantees the critical information (transaction records) then what is the point of it. What thing validates those transaction records in block are not faulty? (The miners haven't tampered with them, before adding block to blockchain)
The proof of work & hash block functions in JS :
// Hashing Single Block
Blockchain.prototype.hashBlock = function(previousBlockHash, currentBlockData, nonce){
const dataAsString = previousBlockHash +
nonce.toString() +
JSON.stringify(currentBlockData);
const hash = sha256(dataAsString);
return hash;
};
// Proof of Work
Blockchain.prototype.proofOfWork = function(previousBlockHash, currentBlockData){
let nonce = 0;
let hash = this.hashBlock(previousBlockHash, currentBlockData, nonce);
while(hash.substr(0, 4) !== '0000'){
nonce++;
hash = this.hashBlock(previousBlockHash, currentBlockData, nonce);
// console.log(hash);
}
return nonce;
};
I'm going to try to give a simplified answer, as there are many details that are not required to understand the solution.
First of all, let's look at what a transaction consists of:
When you create an address for people to transfer money to, where is this address coming from? First of all, you create a public/private key pair. A public/private key pair is the result of some complicated mathematics. What you can do with these keys is interesting. You can sign a message with your private key. If your friend has your public key, they can verify that the signature is valid for that message, which means that they can verify that it was you writing that message.
In blockchain, an address is the sha256 hash of a public key.
Now when it is time to transfer your money, you need to do two things:
If a miner changes the 'to' address, the 'from' address, or the amount, the signature of the transaction data isn't valid anymore.
If a miner decides to add a new signature based on the changed data, it won't verify anymore with the public key in the transaction.
If the miner decides to change both the signature and the public so they match, then the 'from' address won't be correct anymore as it is the hash of the public key.
I left out some details like:
You can find the complicated details of what goes into a transaction here: https://en.bitcoin.it/wiki/Transaction