Hey you!
Welcome back to “that’s what she said”, the newsletter which is your guide to understanding crypto instead of just nodding along when someone mentions it at parties. Last time, we explored block explorers — blockchain search engines that let you verify everything yourself, crypto-style (if you missed it, go back and read it before diving into today's topic).
Today, we're discussing the invisible guardians of blockchain security: hash functions and Byzantine Fault Tolerance (BFT). Without them, blockchain would be about as secure as leaving your front door open with a "rob me" sign.
Think of them as crypto's immune system. Hash functions and BFT don't get the spotlight like Bitcoin or NFTs, but they're doing the heavy lifting behind every single transaction you make.
Most people skip learning this stuff because it sounds technical and boring. Big mistake. Understanding these fundamentals is what separates tourists from natives in the crypto space.
So, let's break this topic down!
🔐 Cryptography: The Foundation
Before we dive into hash functions and Byzantine Fault Tolerance, we need to talk about their parent discipline: cryptography.
Cryptography is the science of securing information through mathematical techniques that make data unreadable to anyone except those who have the key to decode it. The word itself comes from the Greek "kryptos" (hidden) and "graphein" (writing) — literally, hidden writing.
People have been using cryptography for thousands of years. Ancient Spartans used a device called a scytale to encrypt military messages. Julius Caesar invented the Caesar cipher, shifting letters in the alphabet to hide his battle plans. During World War II, the German Enigma machine created codes so complex that breaking them changed the course of history.
Modern cryptography is different. It's about mathematics so complex that even supercomputers can't crack them in any reasonable timeframe. We're talking about problems that would take thousands of years to solve by brute force.
Blockchain technology stands on the shoulders of modern cryptography. Every transaction, every wallet address, every block — all of it relies on cryptographic techniques that transform blockchain from a shared spreadsheet into a secure financial system. Hash functions and Byzantine Fault Tolerance are two of the most critical security and consensus concepts (both heavily powered by cryptography) that make this possible.
🧠 Hashing
Hashing is the process of taking any piece of data — whether it's a single word, an entire book, or a complex transaction — and running it through a mathematical algorithm to produce a fixed-length string of characters called a hash.
Think of it like a fingerprint for data. Just as your fingerprint uniquely identifies you and can't be reverse-engineered to recreate your entire body, a hash uniquely identifies data but can't be used to recreate the original information.
In general computing, hashing is used for everything from storing passwords securely to quickly finding data in massive databases. Websites don't store your actual password; they store a hash of it. When you log in, they hash what you type and compare it to the stored hash. If they match, you're in.
In crypto, hashing takes on a whole new level of importance. Every transaction you make gets hashed. Every block on the blockchain contains hashes. Your wallet address? Derived from your public key using cryptographic hashing. That transaction ID you paste into a block explorer? That's a hash. The entire security model of blockchain technology fundamentally depends on the mathematical properties of hash functions.
The genius of hashing in blockchain is that it creates an immutable record. Change even a single character in the original data, and the hash becomes completely different. This makes tampering immediately obvious to everyone on the network.
💡 Hash Function
A hash function is the specific mathematical algorithm that performs the hashing. It's the recipe that tells the computer exactly how to transform your input data into that fixed-size output hash.
In blockchain technology, the most famous hash function is SHA-256 (Secure Hash Algorithm 256-bit), which Bitcoin uses. Ethereum uses a different one called Keccak-256. Here's what makes them special: a hash function takes an input of any length and always produces an output of a fixed length. SHA-256, for example, always produces a 256-bit hash, typically displayed as 64 hexadecimal characters. Whether you're hashing the word "hello" or the entire text of a novel, you get exactly 64 characters out.
The real magic is in what you can't do with that output. You can easily go from data to hash, but you cannot go from hash back to data. It's computationally infeasible, meaning even with all the computing power in the world, you couldn't reverse it in any reasonable timeframe.
This property is what makes hash functions so powerful for blockchain. When miners compete to create new blocks, they're essentially trying to find an input that produces a hash meeting certain criteria. They can't work backwards from the desired hash; they have to keep trying different inputs until they get lucky. This is what makes blockchain secure and what prevents anyone from simply fabricating valid blocks.
👀 Properties of Hash Function
Hash functions have five critical properties that make them perfect for blockchain security. They're the fundamental characteristics that make the entire system work.
- Deterministic. The same input always produces the same output, every single time, on every computer, anywhere in the world. Hash the phrase "Hello World", and you'll get the same result whether you do it today, tomorrow, or ten years from now. This predictability is crucial for verification. Anyone on the network can take the same transaction data, run it through the same hash function, and confirm they get the same hash, proving the data hasn't been altered.
- Fixed-length output. No matter how large or small the input data is, the output hash is always the same fixed length. This standardisation makes hashes easy to work with in databases and block structures. Every transaction hash, every block hash, always the same predictable size.
- One-way. This is the security superpower. It must be computationally infeasible to figure out the original input just by looking at the output hash. Going from data to hash is easy — instant, in fact. Going the other way is practically impossible. This protects transaction details and ensures you can't forge a transaction to match a specific hash. Even knowing the hash and the algorithm, you can't work backwards.
- Collision resistance. It should be computationally impossible to find two different inputs that produce the exact same hash output. This property makes it computationally infeasible for two different transactions to share the same hash. If two different transactions could produce the same hash, you could substitute one for the other, completely breaking the integrity of the blockchain ledger. Modern hash functions make the probability of a collision so astronomically low that it's considered impossible for all practical purposes.
- The avalanche effect. A tiny, insignificant change in the input data must produce a completely different and unpredictable output hash. Change a single digit in a transaction amount or a single letter in an address, and the resulting hash bears no resemblance to the original. This makes it impossible for an attacker to make subtle changes to a transaction without it being immediately obvious to the entire network.
These five properties combine to create something remarkable: a mathematical function that can prove data integrity without revealing the data itself, that can create unique identifiers that can't be forged, and that makes tampering instantly detectable. That's why hash functions are the bedrock of blockchain security.
🥷 Byzantine Fault Tolerance
Byzantine Fault Tolerance (BFT) sounds like something from a history textbook, and actually, it kind of is.
The term comes from the "Byzantine Generals' Problem", a thought experiment first posed by computer scientists Leslie Lamport, Robert Shostak, and Marshall Pease in 1982. Here's the scenario: imagine several generals commanding the Byzantine army, surrounding a city. To succeed, they must all agree on whether to attack or retreat. However, the generals are in different locations and can only communicate via messengers. Some of those messengers might be intercepted by enemy forces, and worse, some of the generals themselves might be traitors sending false information.
The question is: how do the loyal generals reach a consensus and coordinate their attack when they can't trust all the communication or even all the generals? This isn't just an ancient military puzzle. It's exactly the problem that decentralised blockchain networks face every single day.
In blockchain terms, the Byzantine generals are replaced by nodes — the computers running the network. Instead of deciding whether to attack a city, they're deciding on the current state of the blockchain: which transactions are valid, which blocks should be added, and what the official ledger says. And just like those Byzantine generals, the nodes can't fully trust each other. Some might be experiencing technical failures. Others might be actively malicious, trying to double-spend coins or disrupt the network.
Byzantine Fault Tolerance is the ability of a decentralised network to reach consensus on the correct state of the blockchain even when some nodes are faulty, offline, or actively trying to sabotage the system. In classical BFT-based systems, consensus is guaranteed as long as fewer than one-third of participants are faulty or malicious.
This is what makes blockchain possible. Without BFT, a single malicious node could introduce false information and compromise the entire network. With BFT, the network can identify and reject bad actors, maintaining the integrity of the shared ledger even in the face of attacks or technical failures.
💪 How Does Byzantine Fault Tolerance Work?
The core principle of Byzantine Fault Tolerance is simple: the network doesn't trust any single participant. Instead, it uses consensus mechanisms to force nodes to prove their honesty through cryptographic techniques, economic incentives, or computational work.
When a node wants to add a new block of transactions to the blockchain, it can't just announce, "Hey, I verified these transactions, trust me". The network demands proof. Depending on the consensus mechanism, this proof takes different forms, but the goal is always the same: make it economically or computationally infeasible to lie.
BFT systems rely on redundancy and verification. Multiple nodes independently verify the same transaction. If the majority agree it's valid, it gets added to the blockchain. If nodes report conflicting information, the network follows the majority, assuming that malicious or faulty nodes are in the minority.
The mathematical threshold is crucial: most BFT systems require at least two-thirds (67%) of nodes to be honest for the network to function correctly. This means the network can tolerate up to one-third of nodes being faulty or malicious without breaking down. Any less than two-thirds honest nodes, and consensus becomes impossible.
The genius of blockchain's approach to BFT is that it doesn't try to identify and remove bad actors. Instead, it makes their dishonesty ineffective. Even if malicious nodes exist, as long as they're in the minority, they simply get outvoted or their fraudulent blocks get rejected. The network continues running smoothly, processing legitimate transactions while automatically filtering out the noise.
⛏️ BFT in Proof-of-Work (PoW)
Proof-of-Work, the consensus mechanism Bitcoin pioneered, solves the Byzantine Generals' Problem through computational force.
Miners compete to solve complex mathematical puzzles by finding a nonce that, when hashed with block data, produces a hash meeting specific criteria (usually a certain number of leading zeros). There's no shortcut: miners just keep trying different numbers until they get lucky. When someone finds a valid nonce, they broadcast the block to the network. Other nodes verify it instantly, and if correct, everyone accepts the block. The winning miner collects newly minted cryptocurrency and transaction fees.
This achieves BFT through economic incentives. Miners invest thousands in specialised hardware and massive electricity costs. If they try cheating by mining fraudulent blocks, the network rejects their work — wasting all that money and energy for nothing. To successfully attack the network, a malicious actor would need to control more than 50% of total mining power, which is prohibitively expensive on major blockchains.
💰 BFT in Proof-of-Stake (PoS)
Proof-of-Stake takes a different approach to Byzantine Fault Tolerance, replacing computational puzzles with financial collateral.
Validators must lock up (stake) significant cryptocurrency to participate in consensus. On Ethereum, that's 32 ETH. The network randomly selects validators to propose new blocks and others to verify those proposals. If the majority agrees the block is valid, it gets added to the chain.
BFT comes from financial punishment. If a validator cheats — submitting fraudulent transactions, voting for conflicting blocks, or going offline — the network slashes their stake. They lose a portion or even all of their locked-up cryptocurrency. Attacking the network means attacking their own money.
PoS achieves BFT with significantly less energy than PoW. No computational race, no massive electricity bills, no specialised mining hardware. Validators just run a node and stay online. This makes PoS environmentally friendly and scalable.
The tradeoff? Validators with more staked cryptocurrency have more influence, raising centralisation concerns. PoS systems combat this through randomised validator selection, slashing penalties, and governance mechanisms. Still, as long as at least two-thirds of validators (weighted by stake) are honest, the network reaches consensus correctly.
⚡ Importance of BFT
BFT ensures data integrity. Every transaction gets verified by multiple independent nodes following cryptographic rules. As long as the majority are honest, fraudulent transactions get rejected. It prevents double-spending, the most fundamental attack on digital currency.
BFT makes the network resilient. Nodes crash, connections drop, malicious actors attack — and the blockchain keeps running. As long as enough honest nodes remain online, consensus continues. This redundancy enables trustless interaction. You don't need to know who's running the nodes or trust their intentions. The system itself enforces honest behaviour through cryptography and economics.
Without BFT, cryptocurrency would be theoretical, not functional. It's what allows Bitcoin to process transactions reliably despite having no CEO, no customer service, and no central server. It's what lets Ethereum execute smart contracts with confidence.
Key Takeaways
- Cryptography is the mathematical foundation of blockchain. Hash functions and Byzantine Fault Tolerance are two of the most critical security and consensus concepts that transform blockchain from a shared database into a secure, trustless financial system.
- Hashing creates unique digital fingerprints. It's the process of taking any data and producing a fixed-length string of characters (a hash) that uniquely identifies that data but can't be reversed to recreate the original.
- Hash functions are one-way mathematical algorithms. They're deterministic (same input = same output), produce fixed-length outputs, are collision-resistant (two inputs can't produce the same hash), are pre-image resistant (can't reverse from hash to input), and exhibit the avalanche effect (tiny input changes = completely different output).
- Hash functions secure blockchain through immutability. Every block contains the hash of the previous block, creating a cryptographic chain. Changing any historical data changes its hash, breaking the chain and making tampering immediately obvious.
- Byzantine Fault Tolerance solves the consensus problem. It allows a network of untrusting participants to agree on a single version of truth, even when some participants are faulty or malicious, as long as at least two-thirds are honest.
- Without hash functions and BFT, blockchain wouldn't work. They're the fundamental technologies that enable decentralised, trustless networks to function reliably.
Final Thought
Blockchain runs on trust in mathematics. Hash functions transform data according to fixed rules that can't be cheated. Byzantine Fault Tolerance assumes people will try to cheat and builds systems where lying costs more than telling the truth.
Instead of trusting humans to be honest, we trust code to be unbreakable. Instead of hoping institutions won't screw us over, we build systems where power is mathematically distributed.
However, you never think about hash functions or BFT when you send a transaction. They work silently in the background, turning a network of strangers into something that actually functions.
If you learnt something new today, pass it on. Share it with your community. Let's spread the knowledge and level up together.
That's a wrap, normies. Next time, we'll talk about Ethereum. Get ready 💪
Cookies She Left Behind
If you'd love to dig deeper into the topic, I'd also recommend reviewing the following:
- Byzantine Generals Problem Explained by CoinGecko
- What is a Cryptographic Hashing Function? by Whiteboard Crypto