# Security Analysis

**Proofs cannot be forged**

MASS's PoC algorithm makes use of time-memory trade-offs. If the prover provides the capacity proof S, it shows that the prover filled the capacity S according to the present rules, which would be very difficult to calculate quickly.

**51% fault tolerance**

When competing for the next block, each node looks for a proof that matches the current block in its own initialised storage space. The probability of a node generating the new block is in proportion to the ratio between the initialised capacity of the entire network and the initialised capacity of the current node. If a malicious node intends to take control of block generation, it needs at least 51% of the capacity of the entire network. However, to have more than 51% capacity, the physical hardware investment would be colossal. Therefore, malicious nodes do not have sufficient incentive to break the MASS consensus.

**The unpredictability of the random target value**

In the MASS PoC algorithm, each block provides a random value as the target for the initialised capacity of all nodes. This random value is produced by a verifiable random function, and no node can control this. Therefore, at the same block height, all nodes have the same prior information when competing for the next block.

**Resistant to forking**

The fork detection punishment scheme protects against Nothing-at-Stake attacks splitting the chain. Since MASS uses a proof-of-capacity algorithm, without taking necessary protective measures, it would be at risk from nothing-at-stake attacks. That is, the proof S can be used as the proof on the main chain and also on a fork at the same time at no additional cost. In order to deal with this risk, the MASS system uses a fork detection punishment scheme. If the main chain block and a forked chain block are found to have the same proof, all nodes will automatically blacklist the public key used in initialisation for that storage capacity and reject subsequent proofs provided from it.

**Resistant to selfish mining**

In a proof-of-work consensus mechanism, a malicious node can obtain a time advantage in competing for the next block by hiding blocks already mined. However, in the MASS blockchain consensus protocol, initialised nodes can find proofs exceptionally quickly, so there is no room for strategies of this type.

**Resistant to double-spend transactions**

The MASS system uses a UTXO (Unspent Transaction Output) transaction model, which is secured by asymmetrically encrypted mathematical algorithms. Block rollback is guaranteed by the PoC algorithmâ€™s 51% Byzantine fault tolerance.