in , ,

You cannot gain security by hashing a file. By CSW (aug 31, 2021)

Today’s myth busting lesson.


You cannot gain security by hashing a file. The myth that is propagated is that bitcoin miners secure bitcoin through hashing. This is absolutely incorrect. A hash is not a security function. A Hash may be part of a protocol that delivers security that cannot deliver security by itself. A hash is a message authentication and authorization process and best and even this requires a protocol.

A hash is simply a mathematical means of indexing a file so that you do not need the full file. As any changes to the file, even a single bit, completely change the hash, it is a means of ensuring integrity and that the file itself has not changed.


Bitcoin miners use hashing of puzzles as a proof of work. This provides absolutely zero security. What it does, is demonstrate an investment. It is not the amount of hash rate that secures a network but rather the signal issued by the miner that they are willing to play by the rules and have something at risk.

What people fail to understand, is that hash rate alone is not a security tool. Hash rate is a method of signalling investment. The miner who signals investment demonstrates that they have skin in the game and something to lose. This is an important concept to understand. It is not the hash that secures bitcoin, it is the economic incentive of the invested capital that can be lost.



The reason a private blockchain cannot work stems directly from that statement. It is not the fact that there is a chain of hashes that secures the chain, it is the fact that there are hashes that are public.

The SPV chain allows people external to the miners to maintain a list of attestations. They can do this without having the full file. In collapsing the Merkel tree to a single hash value, you can encapsulate the entire stream of transactions in a single hash. In this, any alterations may be detected. Where you do not have a public chain, it is simple to run multiple chains simultaneously and thus to be able to do the Enron or Bernie Madoff scam. That is, an organization could simply and easily run multiple sets of books.


The reason section 3 of the Whitepaper states that bitcoin is a timestamp server is that a hash has to be publicly validated by multiple parties at a point in time to be part of a security protocol.

The solution we propose begins with a timestamp server. A timestamp server works by taking a hash of a block of items to be timestamped and widely publishing the hash, such as in a newspaper or Usenet post [2-5].


It is for this reason that the bitcoin White Paper states the nature of proof:

The timestamp proves that the data must have existed at the time, obviously, in order to get into the hash. Each timestamp includes the previous timestamp in its hash, forming a chain, with each additional timestamp reinforcing the ones before it.


Without some form of public attestation, without the hash being publicly recorded, there is no security. The solving of a proof of work puzzle is not what secures the network. As stated, this can provide no security on its own. There is no way to market the value of the token unless it is traded in a public system and openly. Without such a value, any party can set up a system that appears to be valid at face value and yet runs multiple copies with every possible history. This is why system such as hyper ledger and any other private blockchain are incredibly foolish. They are less secure than a native Oracle database with write controls enabled.


The peer network and bitcoin is designed to distribute the block hashes widely. Every single SPV user would have a copy and the base for the timestamp server would become universalised. Unlike multiple chains, a single source of truth could then evolve. In this, it becomes possible to set up protocols that linked to identity that would ensure a single sub- chain of private transactions that could be provably linked to an original start point or Genesis foundational point that would be associated with private transactional data.

It is not the nodes fighting to gain distributed hash rate but rather the mere fact that the hash exist publicly an action may be taken on that hash. The public nature of the hash is what makes it possible to use it as an attested value. Hash cannot guarantee something existed at a point in time. A hash that is publicly displayed and that can be widely attested by people, not computers, in a court of law is secure. The failing people managed to avoid is that bitcoin is designed around legal evidential principles requiring humans and not machines. Machines store the data, humans make an attestation that they had the copy and that they can prove that it existed at a time


Bitcoin in this manner acts in a methodology and knowledges to publishing a statement in a newspaper. Where copies of that newspaper are widely distributed, stored on microfiche, held by people in a manner that is provable, the copy in that physical paper may be used in an evidential basis. Likewise, the publication of hash that can be collapsed through the hash of a hash allows the ordering and chronological time stamping of an event to occur.

This is how bitcoin sold the double spending problem. The first hash in chronological order is correct. Any further double spends are rejected. Time is publicly validated.


To conclude, it is critical to note that the key aspect of this is not hashing. That is basically a way of saving space and allowing bitcoin to scale. It is the full transaction that matters. The hash acts merely as an index that can be used to prove the authenticity of the full file without needing to copy and download the full file or transaction.

The hash thus saves space allowing SPV. SPV can then be used by everyone at any level of scale.




Nov 14, 2019





Nov 14, 2019


What do you think?

Written by Ramon Quesada

Passionate about Blockchain & Bitcoin technology since 2013, Co- Founder of, Team Manager in the CoinTelegraph Spain franchise (2016-2017 years) Co. Organizer of the Blockchain Boot camp Valencia 2018, Co. Organizer of the mini Hackathon BitcoinSV Barcelona, in August 2019, current coordinator of the BSV Valencia Meetup.


Leave a Reply

Your email address will not be published. Required fields are marked *



Why Satoshi has not come out anonymously? By CSW

Bitcoin is a Turing complete system even in script. By CSW