2

I am very new to Bitcoin. Recently checked Bitcoin explorer. All blocks and transactions and blocks stored in the blockchain are identified with a SHA-256 hash. This hash is calculated from the contents of the block or transaction. The website indexes these hashes in its database and provides a reverse lookup to the original string against which a hash is computed.

These SHA-256 hashes are not unique to bitcoin only. Although the block hashes have a specific pattern which may be meaningful for bitcoin only, the transactions do not. Is it possible that this reverse lookup can be used as a rainbow table in future ? Till now how much of the hash space has been exhausted ? At what rate is it growing ? Even if it is 1% it means for every 1000 hashes there are ~10 hashes that are compromised. Of course the lookup table may not yield the original text but often any original text may work. I understand that it is not a problem for most of the passwords (for well designed websites), because the passwords are hashed with a salt. But there can be other scenarios where a reverse lookup table can be considered as a threat to the security of the system.

Is this a threat or bitcoin have something to protect against such attack ? Should other systems use any precaution against this ?

Neel Basu
  • 12,638
  • 12
  • 82
  • 146

1 Answers1

2

There are an estimated 650 million transactions on the chain (as of June 2021).

sha256 has 2^256 possible values.

The chain therefore has 0.00000000000000000000000000000000000000000000000000000000000000000056% of the possible values of sha256.

6.5e8 / 2^256 * 100 = 5.6e-67

While possible, it's highly unlikely that a hash you are attempting to find a collision for exists on the chain.

D M
  • 5,769
  • 4
  • 12
  • 27
  • 1
    Furthermore, even a very ordinary desktop computer can easily execute several million SHA256 hashes per second. So even if a rainbow table with 650 million entries were useful, you could generate your own in just a few minutes with no help from the Bitcoin network. That would also let you target a region of the search space that was more likely to contain password (e.g. alphanumeric strings, fragments of English words, etc), as opposed to transaction hashes which are more or less random bytes. – Nate Eldredge Jun 23 '21 at 20:18
  • Thanks for the link to the graph. I see it is mostly linear. Even the all time growth looks quadratic. First I though that it would be exponential. – Neel Basu Jun 23 '21 at 20:38
  • I'm not incredibly knowledgeable, but I believe the linearity is intended. The [difficulty](https://en.bitcoin.it/wiki/Difficulty) of confirming a block on the chain is increased regularly (every 2016 blocks). – D M Jun 23 '21 at 20:50