proof of work mining
play

Proof of Work, mining, and P2Pool An overview of Bitcoins consensus - PowerPoint PPT Presentation

May 24, 2023 •129 likes •481 views

Proof of Work, mining, and P2Pool An overview of Bitcoins consensus model Paul (Pavlos) Georgiou PGP: A4C02B7A9C233216725FDCFA5816243AF4D1B6BB 1 Foreword: Distributed Consensus is strictly speaking impossible Michael J. Fischer,

  1. Proof of Work, “mining,” and P2Pool An overview of Bitcoin’s consensus model Paul (Pavlos) Georgiou — PGP: A4C02B7A9C233216725FDCFA5816243AF4D1B6BB 1

  2. Foreword: Distributed Consensus is strictly speaking impossible Michael J. Fischer, Nancy A. Lynch, and Michael S. Paterson. 1985. Impossibility of distributed consensus with one faulty process. J. ACM 32, 2 (April 1985), 374-382. https://groups.csail.mit.edu/tds/papers/Lynch/jacm85.pdf 2

  3. Building Blocks Prerequirements to understanding mining 3

  4. Hash functions f : → (not this) 4

  5. • Hash functions map bit strings of arbitrary length to fixed length bit strings. • hash(preimage) = digest • Cryptographic hash functions are:- • Preimage resistant: Given the digest it’s infeasible to compute the preimage; - • Collision resistant: It’s infeasible to find two preimages which map to the same digest. • Their outputs are uniformly distributed and uncorrelated to their inputs. 5

  6. Merkle trees (not to be confused with Merkel’s tree) 6

  7. • Problem: How do we compute a hash of list of items? • Naïve approach: Concatenate items, compute hash. • Not flexible: Need all items to verify the inclusion of one. • Instead, compute the hashes of each item and combine them in a tree-like structure: 7

  8. Basic data structures used in Bitcoin (sorry, there’s no common misconception about this one) 8

  9. Transactions • The first transaction in a block is a • Version special one: • Markers (segwit) • Called the ‘generation’ transaction. • List of inputs • Has only one input, the ‘ coinbase ’. • Previous output • Previous output = 0 • Input script • Input script was originally ignored, • Sequence number but now has certain restrictions. • List of outputs • Value • Output script • List of witnesses (segwit) • Lock time 9

  10. Block headers Blocks • Version • Block header • Previous block hash • List of transactions • Transaction Merkle tree root • Timestamp • Difficulty • Nonce 10

  11. Proof of Work How to approximate consensus with expensive computations 11

  12. Requirements for PoW • Easy to verify solutions • Hard to find solutions • Difficulty of finding solutions can be precisely quantified • Probability of finding solutions proportional only to computational power • Provably inseparable from the block it secures • Depending only on the current state of the blockchain Would a useful application like protein folding be a good option? 12

  13. Hashcash based PoW • Invented by Adam Back in 1997 — www.hashcash.org • A valid proof satisfies hash(preimage) < target • We can set preimage = data ‖ nonce to commit data to the digest while still being able to find a nonce satisfying the validity condition. • Bitcoin uses SHA-256 applied twice as its block header hashing algorithm, referred to as HASH256 in the source code. • The valid chain with the highest cumulative work is chosen as the correct. 13

  14. Attacks against PoW 1. Attacker tries to create an alternative chain with higher PoW: • Has 100% success rate if the attacker controls more than 50% of the network’s hash power (known as the 51% attack), but with a less powerful attacker the success rate might still be high enough to be financially sensible. • An attacker does not need to own mining hardware: hash power can be controlled by a mining pool (GHash.io) or rented (Nicehash, www.crypto51.app). 2. “Selfish Mining”: An attacker creates a short private alternative chain. She can take advantage of others experiencing propagation delays and carefully choose whether to mine on top of her own chain (and hence not experience propagation delays and increase her apparent hashrate), or switch to the public chain. Can be profitable with just a third of the network’s hashrate. https://bitcoinmagazine.com/articles/selfish-mining-a-25-attack-against-the-bitcoin- network-1383578440/ 14

  15. How long should I wait? • The probability an attacker succeeds is strictly positive. (Consistent with the impossibility of Distributed Consensus) • However, it decreases exponentially with the number of confirmations. • A common suggestion is to wait for 6 confirmations (expected 1 hour). Is that enough? https://www.desmos.com/calculator/fxcydh6vgw Analysis of hashrate-based double-spending, Meni Rosenfeld, https://arxiv.org/pdf/1402.2009.pdf 15

  16. Block times questions Assume a hashrate and difficulty corresponding to 1 block Assuming the Bitcoin hashrate is perfectly constant, and all per 10 minutes. If I uniformly randomly pick a point in blocks have exact timestamps (corresponding to the time time, what is the expected time between the previous they were mined). Which of the options below is closest to block and the next block? the expected time retargetting periods will take? • • 7 minutes 2 weeks minus 10 minutes • • 10 minutes 2 weeks • • 15 minutes 2 weeks plus 10 minutes • • 20 minutes 2 weeks plus 20 minutes 20 20 min inutes 2 weeks, 20 2 20 min inutes, 1.1 1.19 se seconds; i.e i.e. 20 2016 16/2014 × 2 2 weeks Credit to Russell O'Connor and Pieter Wuille. 16

  17. Evolution of Mining A decade of finding preimages 17

  18. Humble beginnings You can get coins by getting someone to send you some, or tu turn on on Optio ions->Generate Coin ins to to run a node and generate blo locks. I made the proof-of-work difficulty ridiculously easy to start with, so for a little while in the beginning a typical PC will be able to generate coins in just a few hours. It'll get a lot harder when competition makes the automatic adjustment drive up the difficulty. Generated coins must wait 120 blocks to mature before they can be spent. www.bitcoin.org, 2009 18

  19. The Satoshi client gets modularity • The Satoshi client got a JSON-RPC API over HTTP. One of the commands available was getwork rk, which allowed external mining software to interact with the client. • Getwork only sends a block header and the target the server is willing to accept. Hence the miner can only modify the nonce and needs to poll the server constantly for new work (when a new block arrives). 19

  20. The first mining pool • With the advent of GPU miners it became more difficult for people to mine solo. • In 2010, user Slush created the first mining pool using getwork at mining.bitcoin.cz. • In December 2010 they mined their first two blocks with a hashrate of about 1.4 GH/s. 20

  21. Vanilla getwork becomes too little • The requirement to constantly poll the server for new work and the lack of flexibility in what can be modified by a miner made the development of extensions necessary. • Long-polling allowed the server to respond to a request only when new work becomes available. • Time rolling allowed miners to update the block timestamp. 21

  22. Stratum Mining Protocol • With the advent of ASIC miners even getwork with extensions became insufficient. • Stratum sends miners not only the block header but also the generation transaction (and some of the internal nodes of the Merkle tree). Hence miners can modify also a portion of the generation transaction known as the extranonce. • Stratum also allows the server itself to send notifications with new work to miners. • Uses the plain, line based JSON-RPC protocol. • Also invented by Slush. 22

  23. An alternative to Stratum • At the same time Stratum was developed the Satoshi client got a new mining related RPC command. • GetB tBlo lockTempla late sends a full potential block to clients and allows a lot of flexibility in what can be modified. • Its advantage is that it potentially allows miners to choose which transactions they want to mine, making pooled mining more decentralized. • However, its verbosity made it impractical for mining hardware which only performs hashing. • Nonetheless it is commonly used by pool servers to communicate with the Bitcoin client. 23

  24. Multipools/ hashrate rentals • Multipools direct their hashpower towards the most profitable coin at any given time. It requires no configuration from hashrate providers, who just expect the pool operator to manage their computational power. • Hashrate providers can also direct their miners at a service which will sell the hashpower to anyone. In that case miners don’t need to care about which coin they will be mining as they are paid according to the demand for hashpower. • In both cases hashrate providers can specify in which currency they are paid, possibly not a cryptocurrency at all. 24

  25. The future • Mining hardware has come close to the limits of current technology so we will likely not see the same huge increases in hashrate as before (for now). • This might lead to more affordable hardware as the first mover advantage of manufacturers diminishes. • BetterHash is a protocol which similarly to GBT intends to give miners more options in terms of modifying blocks. However it is a binary protocol so it’s more efficient than GBT. 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Advances in proof mining Andrei Sipos , September 14, 2020 University of Bucharest Lectureship

Advances in proof mining Andrei Sipos , September 14, 2020 University of Bucharest Lectureship

Advances in proof mining Andrei Sipos , September 14, 2020 University of Bucharest Lectureship Competition Bucures ti, Rom ania Proof mining This, as the title says, is a talk on proof mining : an applied subfield of mathematical logic

2.21k views • 156 slides
Proof Mining: Proof Interpretations and Their Use in Mathematics Ulrich Kohlenbach Department of

Proof Mining: Proof Interpretations and Their Use in Mathematics Ulrich Kohlenbach Department of

Proof Mining: Proof Interpretations and Their Use in Mathematics Ulrich Kohlenbach Department of Mathematics Technische Universit at Darmstadt PhDs in Logic VIII, Darmstadt, May 9-11, 2016 Proof Mining: Proof Interpretations and Their

2.05k views • 166 slides
Proof Mining in Topological Dynamics Philipp Gerhardy Department of Mathematics University of

Proof Mining in Topological Dynamics Philipp Gerhardy Department of Mathematics University of

Introduction van der Waerdens Theorem and Multiple Birkhoff Recurrence Proof Analysis Conclusions and Future Work Proof Mining in Topological Dynamics Philipp Gerhardy Department of Mathematics University of Oslo Joint Mathematics Meeting

260 views • 14 slides
Proof mining in convex optimization Andrei Sipos , (joint work with Laurent iu Leus tean

Proof mining in convex optimization Andrei Sipos , (joint work with Laurent iu Leus tean

Proof mining in convex optimization Andrei Sipos , (joint work with Laurent iu Leus tean and Adriana Nicolae) Institute of Mathematics of the Romanian Academy University of Bucharest May 2, 2017 PhDs in Logic IX Bochum, Deutschland

765 views • 23 slides
Types in Proof Mining Ulrich Kohlenbach Department of Mathematics Technische Universit at

Types in Proof Mining Ulrich Kohlenbach Department of Mathematics Technische Universit at

Types in Proof Mining Ulrich Kohlenbach Department of Mathematics Technische Universit at Darmstadt TYPES 2013, Toulouse, April 22-26, 2013 Types in Proof Mining Extractive Proof Theory (G. Kreisel): New results by logical analysis of

1.56k views • 115 slides
Alternative Mining Puzzles Essential Puzzle Requirements ASIC-Resistant Puzzles

Alternative Mining Puzzles Essential Puzzle Requirements ASIC-Resistant Puzzles

Cryptocurrency Technologies Alternative Mining Puzzles Alternative Mining Puzzles Essential Puzzle Requirements ASIC-Resistant Puzzles Proof-of-Useful-Work Non-outsourceable Puzzles Proof-of-Stake Virtual Mining Puzzles

474 views • 26 slides
on Proof-of-Stake Cryptocurrencies JAEWAN HONG Proof of Stake VIRTUAL MINING TO REPLACE

on Proof-of-Stake Cryptocurrencies JAEWAN HONG Proof of Stake VIRTUAL MINING TO REPLACE

Compounding of Wealth on Proof-of-Stake Cryptocurrencies JAEWAN HONG Proof of Stake VIRTUAL MINING TO REPLACE COMPUTATIONAL PUZZLES Why Virtual Mining? Power on meaningless computation Why Virtual Mining? Power on meaningless

820 views • 55 slides
Mining Pools Prof. Tom Austin San Jos State University Review: Bitcoin mining Miners

Mining Pools Prof. Tom Austin San Jos State University Review: Bitcoin mining Miners

Cryptocurrencies &amp; Security on the Blockchain Mining Pools Prof. Tom Austin San Jos State University Review: Bitcoin mining Miners verify transactions Must find a proof-of-work. Reward: newly generated bitcoins, plus

796 views • 28 slides
Proof mining in topological dynamics Philipp Gerhardy Department of Mathematics University of

Proof mining in topological dynamics Philipp Gerhardy Department of Mathematics University of

Introduction Multiple Birkhoff Recurrence - Proof Analysis Other proofs of van der Waerdens Theorem Other uses of minimality Conclusions Proof mining in topological dynamics Philipp Gerhardy Department of Mathematics University of Oslo

601 views • 23 slides
Proof Mining for Nonexpansive Semigroups PhDs in Logic IX, Bochum 2017 Angeliki

Proof Mining for Nonexpansive Semigroups PhDs in Logic IX, Bochum 2017 Angeliki

Proof Mining for Nonexpansive Semigroups PhDs in Logic IX, Bochum 2017 Angeliki Koutsoukou-Argyraki Research Group Logic, Department of Mathematics TU Darmstadt, Germany Origin of proof interpretations Hilberts 2nd problem (1900): Is

1.05k views • 84 slides
Proofs of communication and its application e-mails Proof-of-work for fighting spam Proof-of-

Proofs of communication and its application e-mails Proof-of-work for fighting spam Proof-of-

SOFSEM 2008 Filtering unwanted Proofs of communication and its application e-mails Proof-of-work for fighting spam Proof-of- communication Location generation Preparing proofs Verifying proof Marek Klonowski Tomasz Strumi nski Open

348 views • 23 slides
PoM @ Breaking Bitcoin Kevin Loaec @kloaec kevin@chainsmiths.com The Proof of Work Mechanism A

PoM @ Breaking Bitcoin Kevin Loaec @kloaec kevin@chainsmiths.com The Proof of Work Mechanism A

PoM @ Breaking Bitcoin Kevin Loaec @kloaec kevin@chainsmiths.com The Proof of Work Mechanism A proof: no doubt possible Work: defined in physics, S.I. unit is the Joule. Gaspard-Gustave Coriolis The Proof of Work Mechanism Electrical work

705 views • 16 slides
Proofs for Satisfiability Problems Marijn J.H. Heule Joint work with Armin Biere X . X ,

Proofs for Satisfiability Problems Marijn J.H. Heule Joint work with Armin Biere X . X ,

Proofs for Satisfiability Problems Marijn J.H. Heule Joint work with Armin Biere X . X , July 18, 2014 1/32 Outline Introduction Proof Systems Proof Search Proof Formats Proof Production Proof Consumption Applications Conclusions

574 views • 36 slides
Equihash: Asymmetric Proof-of-Work based on the Generalized Birthday Problem Alex Biryukov

Equihash: Asymmetric Proof-of-Work based on the Generalized Birthday Problem Alex Biryukov

Equihash: Asymmetric Proof-of-Work based on the Generalized Birthday Problem Alex Biryukov Dmitry Khovratovich University of Luxembourg February 22nd, 2016 Proof (Prover) Verifiers Proof of Work in cryptocurrencies PoW certificate of

550 views • 27 slides
Proof of Stake Recap Bitcoin Incentives Block subsidy Transaction fees Recap

Proof of Stake Recap Bitcoin Incentives Block subsidy Transaction fees Recap

Proof of Stake Recap Bitcoin Incentives Block subsidy Transaction fees Recap Proof of Work Mining Transactions UTXO Nakamoto Consensus Longest chain Recap Scripting Bitcoin Stack Machine Recap

4.84k views • 47 slides
Web Mining Web Mining Web Mining Web Mining Web mining is the use of data mining techniques

Web Mining Web Mining Web Mining Web Mining Web mining is the use of data mining techniques

What is Web Mining? Wh t i W b Mi i What is Web Mining? Wh t i W b Mi i ? ? Web Mining Web Mining Web Mining Web Mining Web mining is the use of data mining techniques to automat cally d scover and extract nformat on automatically

774 views • 20 slides
Common energy scale for magnetism and superconductivity in the cuprates. Amit Kanigel Amit Keren

Common energy scale for magnetism and superconductivity in the cuprates. Amit Kanigel Amit Keren

Common energy scale for magnetism and superconductivity in the cuprates. Amit Kanigel Amit Keren Collaborators A. Knizhnik -Technion J. Lord-ISIS A. Amato-PSI Phase diagram of the cuprates Above some doping level superconductivity

622 views • 39 slides
HTSC Yuval Lubashevsky Prof. Amit Keren The superconductor energy gap The BCS superconductor

HTSC Yuval Lubashevsky Prof. Amit Keren The superconductor energy gap The BCS superconductor

The origin of pseudogap in HTSC Yuval Lubashevsky Prof. Amit Keren The superconductor energy gap The BCS superconductor The pseudogap temperature Timusk Rep. Phys. 62 61-122 1999 NMR Resistivity Specific heat T c T* overdoped

1.13k views • 29 slides
A Consolidated Open Knowledge Representation for Multiple Texts Rachel Wities , Vered Shwartz,

A Consolidated Open Knowledge Representation for Multiple Texts Rachel Wities , Vered Shwartz,

A Consolidated Open Knowledge Representation for Multiple Texts Rachel Wities , Vered Shwartz, Gabriel Stanovsky, Meni Adler, Ori Shapira, Shyam Upadhyay, Dan Roth, Eugenio Martinez Camara, Iryna Gurevych and Ido Dagan 1 Outline: Consolidated

505 views • 39 slides
ra c k re c o rd Pr oje c t HORST WE G in Potsdam ne ar Be r lin, Ho rstwe g 8 in 14482 Ba

ra c k re c o rd Pr oje c t HORST WE G in Potsdam ne ar Be r lin, Ho rstwe g 8 in 14482 Ba

T ra c k re c o rd Pr oje c t HORST WE G in Potsdam ne ar Be r lin, Ho rstwe g 8 in 14482 Ba b e lsb e rg OVE RVIE W T he be ginning of the c onstr uc tions will star t In De c e mbe r 2018 Gr oss inc ome 68,000,000 e ur o T

170 views • 16 slides
STAFF REPORT FOR CALENDAR ITEM NO.: 10 FOR THE MEETING OF: December 12, 2019 TRANSBAY JOINT POWERS

STAFF REPORT FOR CALENDAR ITEM NO.: 10 FOR THE MEETING OF: December 12, 2019 TRANSBAY JOINT POWERS

STAFF REPORT FOR CALENDAR ITEM NO.: 10 FOR THE MEETING OF: December 12, 2019 TRANSBAY JOINT POWERS AUTHORITY BRIEF DESCRIPTION: Presentation of the audited Annual Financial Report of the Transbay Joint Powers Authority (TJPA) for the fiscal year

678 views • 65 slides
PRESENTATION AND INSERVICE MENU Special Education (General Staff) Potential Topics 1.

PRESENTATION AND INSERVICE MENU Special Education (General Staff) Potential Topics 1.

PRESENTATION AND INSERVICE MENU Special Education (General Staff) Potential Topics 1. *Response to Intervention a. RTI and the IDEIA b. Pyramid of Intervention c. ResearchBased Interventions d. Components of RTI 2. *Student

547 views • 3 slides
Tenafly Technology Department Import a PowerPoint Presentation into a FrontPage 2003 Web These

Tenafly Technology Department Import a PowerPoint Presentation into a FrontPage 2003 Web These

Tenafly Technology Department Import a PowerPoint Presentation into a FrontPage 2003 Web These instructions describe how to import a Microsoft PowerPoint presentation into a Microsoft FrontPage Web, and then create a hyperlink on one of your web

53 views • 4 slides
How to Create an Image-only PowerPoint Presentation Description In this tutorial, well show

How to Create an Image-only PowerPoint Presentation Description In this tutorial, well show

Creating an Image Only PowerPoint Presentation How to Create an Image-only PowerPoint Presentation Description In this tutorial, well show how to create an image oriented PowerPoint Presentation. Visual aids can help make presentations more

383 views • 5 slides

More recommend