            4. Proof-of-Work

            
              To implement a distributed timestamp server on a peer-to-peer
              basis, we will need to use a proof-of-work system similar to Adam
              Back's Hashcash [6], rather than newspaper or Usenet posts. The
              proof-of-work involves scanning for a value that when hashed, such
              as with SHA-256, the hash begins with a number of zero bits. The
              average work required is exponential in the number of zero bits
              required and can be verified by executing a single hash.
            

            
              For our timestamp network, we implement the proof-of-work by
              incrementing a nonce in the block until a value is found that
              gives the block's hash the required zero bits. Once the CPU effort
              has been expended to make it satisfy the proof-of-work, the block
              cannot be changed without redoing the work. As later blocks are
              chained after it, the work to change the block would include
              redoing all the blocks after it.
            
          

The proof-of-work also solves the problem of determining representation in majority decision making. If the majority were based on one-IP-address-one-vote, it could be subverted by anyone able to allocate many IPs. Proof-of-work is essentially one-CPU-one-vote. The majority decision is represented by the longest chain, which has the greatest proof-of-work effort invested in it. If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains. To modify a past block, an attacker would have to redo the proof-of-work of the block and all blocks after it and then catch up with and surpass the work of the honest nodes. We will show later that the probability of a slower attacker catching up diminishes exponentially as subsequent blocks are added. To compensate for increasing hardware speed and varying interest in running nodes over time, the proof-of-work difficulty is determined by a moving average targeting an average number of blocks per hour. If they're generated too fast, the difficulty increases.

5. Network The steps to run the network are as follows:

1) New transactions are broadcast to all nodes.
2) Each node collects new transactions into a block.
3) Each node works on a proof-of-work for its own block.
4) When a node has solved the proof-of-work, it broadcasts the block to all nodes.
5) Each node updates its copy of the chain on the longest chain it sees.
6) Nodes always consider the longest chain to be the correct one and will keep working on extending it.

Nodes always consider the longest chain to be the correct one and will keep working on extending it. If two nodes broadcast different versions of the next block simultaneously, some nodes may receive one or the other first. In that case, they work on the first one they received, but save the other branch in case it becomes longer. The tie will be broken when the next proof-of-work is found and one branch becomes longer; the nodes that were working on the other branch will then switch to the longer one.