Keep in mind two things:
Digest functions or hash functions ((see here))1
proof of work – Finding a hash that satisfies some conditions (see here)
Briefly, hash functions take a data structure (of any length) and give it a “fingerprint” in a default size. Minor changes to the input info change the fingerprint wildly.
Proof of work, in Bitcoin requires that you assemble a block (with all the transactions AND the previous block hash) and try out values (in the
nounce field) until you reach a valid hash. It is called proof of work because the only way to reach a valid hash is by trying different inputs (thus working) until you reach it.
So, it is hard to change a tx after it has been confirmed as the latest block references the previous block’s hash, which in turn references the previous block and so on. If any data changes in any of those blocks, all subsequent hashes will change, leading the proof of work on all these blocks to become invalid.
The only way is to go all the way back and solve the PoW again for all blocks that had hashes affected.
In order to change a transactions confirmed 2 blocks ago (let´s call it block
t-2), you would need to reassemble that block (
t-2), solve the proof of work for it, then reassemble the subsequent block (
t-1), solve it’s proof of work and only then you would be able to start working on block
t. While you were spending energy/work on your new version of block
t-2, other miners were already working hard on block
This race to revert something becomes exponentially more difficult the further back you go in the blockchain. In order to even start such an attack the attacker will need, at least 51% of the hashing power and probably way more the deeper “changing the record” goes.