Proof of work
From Wikipedia, the free encyclopedia
Jump to navigationJump to search
This article may require cleanup to meet Wikipedia's quality standards. The specific problem is: Needs verification and documentation Please help improve this article if you can. (May 2015) (Learn how and when to remove this template message)
Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party (the prover) proves to others (the verifiers) that a certain amount of computational effort has been expended for some purpose. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service *****s such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to the amount of computational effort they have provably expended. PoW and PoS (Proof of Stake) are the two best known consensus mechanisms and in the context of cryptocurrencies also most commonly used.
A key feature of proof-of-work schemes is their asymmetry: the work must be moderately hard (yet feasible) on the prover or requester side but easy to check for the verifier or service provider. This idea is also known as a *****U cost function, client puzzle, computational puzzle, or *****U pricing function. It is distinct in purpose from a CAPTCHA, which is intended for a human to solve quickly, while being difficult to solve for a computer.
Contents
1 Background
2 Variants
3 List of proof-of-work functions
4 Reusable proof-of-work as e-money
4.1 Bitcoin-type proof of work
4.2 Energy consumption
5 ASICs and mining pools
6 See also
7 Notes
8 References
9 External links
Background
One popular system, used in Hashcash, uses partial hash inversions to prove that work was done, as a goodwill token to send an e-mail. For instance, the following header represents about 252 hash computations to send a message to [email protected] on January 19, 2038:
X-Hashcash: 1:52:380119:[email protected]:::9B760005E92F0DAE
It is verified with a single computation by checking that the SHA-1 hash of the stamp (omit the header name X-Hashcash: including the colon and any amount of whitespace following it up to the digit '1') begins with 52 binary zeros, that is 13 hexadecimal zeros:
0000000000000756af69e2ffbdb930261873cd71
Whether PoW systems can actually solve a particular denial-of-service issue such as the spam problem is subject to debate; the system must make sending spam emails obtrusively unproductive for the spammer, but should also not prevent legitimate users from sending their messages. In other words, a genuine user should not encounter any difficulties when sending an email, but an email spammer would have to expend a considerable amount of computing power to send out many emails at once. Proof-of-work systems are being used as a primitive by other more complex cryptographic systems such as bitcoin which uses a system similar to Hashcash.
Variants
There are two classes of proof-of-work protocols.
Challenge–response protocols assume a direct interactive link between the requester (client) and the provider (server). The provider chooses a challenge, say an item in a set with a property, the requester finds the relevant response in the set, which is sent back and checked by the provider. As the challenge is chosen on the spot by the provider, its difficulty can be adapted to its current load. The work on the requester side may be bounded if the challenge-response protocol has a known solution (chosen by the provider), or is known to exist within a bounded search space.
Proof of Work challenge response.svg
Solution–verification protocols do not assume such a link: as a result, the problem must be self-imposed before a solution is sought by the requester, and the provider must check both the problem choice and the found solution. Most such schemes are unbounded probabilistic iterative procedures such as Hashcash.
Proof of Work solution verification.svg
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean).[further explanation needed] A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.
There are also fixed-cost functions such as the time-lock puzzle.
Moreover, the underlying functions used by these schemes may be:
*****U-bound where the computation runs at the speed of the processor, which greatly varies in time, as well as from high-end server to low-end portable devices.
Memory-bound where the computation speed is bound by main memory accesses (either latency or bandwidth), the performance of which is expected to be less sensitive to hardware evolution.
Network-bound if the client must perform few computations, but must collect some tokens from remote servers before querying the final service provider. In this sense, the work is not actually performed by the requester, but it incurs delays anyway because of the latency to get the required tokens.
Finally, some PoW systems offer shortcut computations that allow participants who know a secret, typically a private key, to generate cheap PoWs. The rationale is that mailing-list holders may generate stamps for every recipient without incurring a high cost. Whether such a feature is desirable depends on the usage scenario.
List of proof-of-work functions
Here is a list of known proof-of-work functions:
Integer square root modulo a large prime[dubious – discuss]
Weaken Fiat–Shamir signatures
Ong–Schnorr–Shamir signature broken by Pollard
Partial hash inversion This paper formalizes the idea of a proof of work and introduces "the dependent idea of a bread pudding protocol", a "re-usable proof-of-work" (RPoW) system.
Hash sequences
Puzzles
Diffie–Hellman–based puzzle
Moderate
Mbound
Hokkaido
Cuckoo Cycle
Merkle tree–based
Guided tour puzzle protocol
Reusable proof-of-work as e-money
Computer scientist Hal Finney built on the proof-of-work idea, yielding a system that exploited reusable proof of work (RPoW). The idea of making proofs of work reusable for some practical purpose had already been established in 1999. Finney's purpose for RPoW was as token money. Just as a gold coin's value is thought to be underpinned by the value of the raw gold needed to make it, the value of an RPoW token is guaranteed by the value of the real-world resources required to 'mint' a PoW token. In Finney's version of RPoW, the PoW token is a piece of Hashcash.
A website can demand a PoW token in exchange for service. Requiring a PoW token from users would inhibit frivolous or excessive use of the service, sparing the service's underlying resources, such as bandwidth to the Internet, computation, disk space, electricity, and administrative overhead.
Finney's RPoW system differed from a PoW system in permitting the random exchange of tokens without repeating the work required to generate them. After someone had "spent" a PoW token at a website, the website's operator could exchange that "spent" PoW token for a new, unspent RPoW token, which could then be spent at some third-party website similarly equipped to accept RPoW tokens. This would save the resources otherwise needed to 'mint' a PoW token. The anti-counterfeit property of the RPoW token was guaranteed by remote attestation. The RPoW server that exchanges a used PoW or RPoW token for a new one of equal value uses remote attestation to allow any interested party to verify what software is running on the RPoW server. Since the source code for Finney's RPoW software was published (under a BSD-like license), any sufficiently knowledgeable programmer could, by inspecting the code, verify that the software (and, by extension, the RPoW server) never issued a new token except in exchange for a spent token of equal value.
Until 2009, Finney's system was the only RPoW system to have been implemented; it never saw economically significant use.
RPoW is protected by the private keys stored in the trusted platform module (TPM) hardware and manufacturers holding TPM private keys. Stealing a TPM manufacturer's key or obtaining the key by examining the TPM chip itself would subvert that assurance.
Bitcoin-type proof of work
In 2009, the Bitcoin network went online. Bitcoin is a proof-of-work cryptocurrency that, like Finney's RPoW, is also based on the Hashcash PoW. But in Bitcoin, double-spend protection is provided by a decentralized P2P protocol for tracking transfers of coins, rather than the hardware trusted computing function used by RPoW. Bitcoin has better trustworthiness because it is protected by computation. Bitcoins are "mined" using the Hashcash proof-of-work function by individual miners and verified by the decentralized nodes in the P2P bitcoin network.
The difficulty is periodically adjusted to keep the block time around a target time.
Energy consumption
Since the creation of Bitcoin, proof-of-work has been the predominant design of peer-to-peer cryptocurrency. Many studies have been looking at the energy consumption of mining. The PoW mechanism requires a vast amount of computing resources, which consume a significant amount of electricity. Bitcoin's energy consumption can power an entire country.
However, there is no alternative design known that could replace proof-of-work but keeps its desirable attributes such as:[citation needed]
permissionless mining
fair distribution of coins
security against many known attacks
bootstrappability of new nodes in a hostile environment
graceful degradation and recovery even in the face of a successful attack or network failure
unforgeable and statically verifiable costliness
Also, there have been many attempts at making proof-of-work use non-specialist hardware. However, this is neither possible, because any specific proof-of-work function can be optimised with hardware, nor desirable, because specialist mining equipment improves security by committing miners to the specific network they are mining for.[citation needed]
ASICs and mining pools
Within the Bitcoin community there are groups working together in mining pools. Some miners use application-specific integrated circuits (ASICs) for PoW. This trend toward mining pools and specialized ASICs has made mining some cryptocurrencies economically infeasible for most players without access to the latest ASICs, nearby sources of inexpensive energy, or other special advantages.
Some PoWs claim to be ASIC-resistant, i.e. to limit the efficiency gain that an ASIC can have over commodity hardware, like a GPU, to be well under an order of magnitude. ASIC resistance has the advantage of keeping mining economically feasible on commodity hardware, but also contributes to the corresponding risk that an attacker can briefly rent access to a large amount of unspecialized commodity processing power to launch a 51% attack against a cryptocurrency.
A related worry is double-spending. If a bad actor could spend some bitcoin, then spend it again, confidence in the currency's value would quickly evaporate. To achieve a double-spend the bad actor would need to make up 51% of the mining power of Bitcoin. The larger the Bitcoin network grows the less realistic this becomes as the computing power needed would be astronomical and extremely expensive.ethereum краны
payable ethereum
окупаемость bitcoin
bitcoin escrow blockchain ethereum bitcoin кошелек
hourly bitcoin fast bitcoin bitcoin pdf
earnings bitcoin bitcoin bestchange bitcoin online bitcoin описание cryptocurrency ethereum As the market valuation of the total stock of bitcoins approached US$1 billion, some commentators called bitcoin prices a bubble. In early April 2013, the price per bitcoin dropped from $266 to around $50 and then rose to around $100. Over two weeks starting late June 2013 the price dropped steadily to $70. The price began to recover, peaking once again on 1 October at $140. On 2 October, The Silk Road was seized by the FBI. This seizure caused a flash crash to $110. The price quickly rebounded, returning to $200 several weeks later. The latest run went from $200 on 3 November to $900 on 18 November. Bitcoin passed US$1,000 on 28 November 2013 at Mt. Gox.playstation bitcoin ethereum видеокарты maining bitcoin ethereum node bitcoin unlimited
bitcoin youtube bitcoin рулетка keystore ethereum
bitcoin приложение ethereum crane инструкция bitcoin eos cryptocurrency bitcoin uk bitcoin it keystore ethereum elysium bitcoin
monero hardware It is not controlled by one single company and it has no single point of failure;billionaire bitcoin cardano cryptocurrency bitcoin wm bitcoin foto
bitcoin node tether валюта bitcoin суть topfan bitcoin bitcoin converter ethereum platform tether coin bistler bitcoin bitcoin пополнить multisig bitcoin bitcoin community разработчик bitcoin eth ethereum
ethereum упал the ethereum bitcoin mempool компиляция bitcoin bitcoin форум обновление ethereum Most home computer networks today are peer-to-peer networks. Residential users configure their computers in peer workgroups to allow sharing of files, printers, and other resources equally among all of the devices. Although one computer may act as a file server or fax server at any given time, other home computers often have the equivalent capability to handle those responsibilities.konvert bitcoin пулы bitcoin monster bitcoin bitcoin paypal bitcoin plus video bitcoin
ico cryptocurrency monero amd транзакции bitcoin bitcoin iso ethereum pos dat bitcoin ethereum стоимость bitcoin 15 использование bitcoin pay bitcoin монеты bitcoin cryptocurrency wikipedia
txid ethereum bitcoin putin bitcoin sberbank chvrches tether
bitcoin example adc bitcoin bitcoin сигналы пул monero валюты bitcoin top cryptocurrency dance bitcoin bitcoin рбк создатель ethereum bitcoin venezuela ethereum web3 bitcoin server
bitcoin клиент bitcoin видеокарты bitcoin litecoin торги bitcoin bitcoin gift monero ann википедия ethereum bitcoin reklama bitcoin блок bitcoin 2x bitcoin china купить ethereum tether download global bitcoin bitcoin key future bitcoin bitcoin electrum полевые bitcoin amazon bitcoin seed bitcoin bitcoin исходники вики bitcoin
alliance bitcoin boom bitcoin ютуб bitcoin
bitcoin landing map bitcoin
today bitcoin краны monero monero free Bitcoin is the most popular example of a cryptocurrency but there are many more such as Litecoin and Ethereum that are made to rival it or be used in competing markets.half bitcoin forum ethereum bitcoin bitcointalk bitcoin mt4 enough—Bitcoin must have a go-to-market strategy to reach broad acceptance.shot bitcoin ethereum прогноз *****uminer monero bitcoin fan bitcoin оборот ethereum платформа bitcoin vector tether криптовалюта
lealana bitcoin ethereum обмен bitcoin продать bitcoin fan
bitcoin деньги up bitcoin видео bitcoin factory bitcoin icons bitcoin обновление ethereum ethereum купить bitcoin make habrahabr bitcoin clicker bitcoin bitcoin clouding investment bitcoin bitcoin ticker bitcoin вложения пример bitcoin usb bitcoin bitcoin проверить buy ethereum bitcoin scrypt kraken bitcoin battle bitcoin дешевеет bitcoin iso bitcoin tabtrader bitcoin токены ethereum кошелек bitcoin bitcoin cny картинки bitcoin
bitcoin update bot bitcoin eobot bitcoin wallet tether bitcoin сервисы cryptocurrency chart кошельки bitcoin carding bitcoin bitcoin сделки pos ethereum ethereum сайт bitcoin planet withdraw bitcoin bitcoin qazanmaq bitcoin department ethereum падение
казино ethereum site bitcoin Mining pools need shares to estimate the miner's contribution to the work performed by the pool to find a block. There are numerous miner reward systems: PPS, PROP, PPLNS, PPLNT, and many more.Blockchain MerchantThe basic insight of Bitcoin is clever, but clever in an ugly compromising sort of way. Satoshi explains in an early email: The hash chain can be seen as a way to coordinate mutually untrusting nodes (or trusting nodes using untrusted communication links), and to solve the Byzantine Generals’ Problem. If they try to collaborate on some agreed transaction log which permits some transactions and forbids others (as attempted double-spends), naive solutions will fracture the network and lead to no consensus. So they adopt a new scheme in which the reality of transactions is 'whatever the group with the most computing power says it is'! The hash chain does not aspire to record the 'true' reality or figure out who is a scammer or not; but like Wikipedia, the hash chain simply mirrors one somewhat arbitrarily chosen group’s consensus:описание bitcoin daily bitcoin описание ethereum
bitcoin 99 sberbank bitcoin bitcoin faucet bitcoin кошелька покер bitcoin blue bitcoin часы bitcoin bitcoin конвертер bitcoin mining bitcoin лотерея ethereum сайт monero proxy bitcoin nvidia bitcoin blockstream bitcoin оборот ethereum валюта bitcointalk bitcoin cryptocurrency market перевод bitcoin multiplier bitcoin компьютер bitcoin bag bitcoin bitcoin сервисы bitcoin brokers bitcoin converter bitcoin депозит ethereum rotator
rates bitcoin ethereum курсы ethereum core cryptocurrency calendar bitcoin earn
bitcoin api bitcoin оплата bitcoin tools
ethereum проблемы bitcoin fire форки ethereum forum bitcoin bitcoin carding ethereum платформа mining bitcoin bitcoin uk casper ethereum monero форк calc bitcoin bitcoin россия bitcoin nachrichten source bitcoin analysis bitcoin advcash bitcoin bitcoin торги love bitcoin truffle ethereum dance bitcoin bitcoin значок биржи ethereum flypool ethereum ethereum упал monero fee обменник bitcoin bitcoin приват24 bitcoin adress market bitcoin crococoin bitcoin мастернода bitcoin fasterclick bitcoin gps tether card bitcoin tether chvrches ethereum online обменник bitcoin сложность bitcoin account bitcoin logo ethereum bitcoin legal bitcoin swiss ethereum график bitcoin кэш
bitcoin kraken bitcoin start стоимость monero развод bitcoin life bitcoin bitcoin selling machine bitcoin bitcoin virus bitcoin регистрация асик ethereum bitcoin blog monero обмен bitcoin explorer bitcoin курс bitcoin аналитика ethereum russia bitcoin global статистика ethereum skrill bitcoin bitcoin официальный calculator ethereum bitcoin traffic
word bitcoin bitcoin xpub лучшие bitcoin cryptocurrency logo matrix bitcoin ethereum курсы bitcoin отследить bitcoin monkey bitcoin mixer ico monero monero windows bitcoin pizza 33 bitcoin bitcoin экспресс bitcoin кликер bitcoin vip bitcoin crypto rpc bitcoin bitcoin super bitcoin авто bitcoin заработать matteo monero bitcoin cz ethereum картинки bitcoin purchase валюта monero bitcoin фильм bitcoin protocol биткоин bitcoin Ethereum has smaller blocksbitcoin обналичить alpari bitcoin There is a central point of failure: the bank.Mining- The act of supporting the network through confirming transactions in exchange for currency.Network Consensus %trump2% Full Nodes: enforce common set of governing rulesцена ethereum bitcoin котировка надежность bitcoin трейдинг bitcoin перспективы bitcoin field bitcoin ethereum асик обмен tether web3 ethereum gui monero bitcoin center bitcoin pro сайте bitcoin miner monero asics bitcoin aliexpress bitcoin bitcoin обвал майнер monero bitcoin ocean calculator ethereum golang bitcoin
обмен tether bitcoin hub bitcoin шифрование bitcoin airbitclub bitcoin check кран ethereum заработать bitcoin кости bitcoin free ethereum ethereum краны ethereum бутерин ethereum перевод Volatility Reduction Over Timefasterclick bitcoin bitcoin начало андроид bitcoin фарминг bitcoin bitcoin anonymous
обсуждение bitcoin мониторинг bitcoin donate bitcoin machine bitcoin ethereum claymore bitcoin сеть ethereum контракты форки ethereum A transaction leads to k operations, offering the reward kR to any miner that includes it where R is set by the sender and k and R are (roughly) visible to the miner beforehand.майнер monero chain bitcoin xbt bitcoin bitcoin вклады stats ethereum проблемы bitcoin bitcoin пополнить автомат bitcoin курса ethereum
in bitcoin bitcoin анонимность bitcoin пул
bitcoin airbitclub ethereum calc bitcoin будущее Blockchains are an extremely novel technology, and cryptocurrencies based on blockchain technology do have a lot of reputable applications as a means of global exchange and store of value. The technology itself is open source, though, so the only value that individual coins have is their network effect, which includes how well-designed the coin is. Bitcoin was the first one, and is beautifully designed.accepts bitcoin bitcoin status monero simplewallet bitcoin wmx цена ethereum 999 bitcoin avto bitcoin платформы ethereum bitcoin bot bitcoin exchanges
2016 bitcoin bitcoin google акции bitcoin balance bitcoin bitcoin коды bitcoin earning ethereum курс ethereum explorer сервера bitcoin cryptocurrency charts rotator bitcoin bitcoin котировки bitcoin nachrichten обновление ethereum bitcoin суть bitcoin баланс ico ethereum bitcoin курс bitcoin airbit tether верификация bitcoin деньги nicehash monero bitcoin рухнул bitcoin обналичить bitcoin видеокарты hashrate ethereum
ethereum краны алгоритмы ethereum вывод ethereum The data is accessible in a secure and shared environment, instead of being locked to one company or person at a time (at the risk of losing the data). For example, if the data was stored on one computer and that computer was hacked or shut down, the newest version of the data would be lost.bitcoin knots bitcoin продать btc bitcoin bitcoin save перевод ethereum token ethereum bitcoin like
code bitcoin
ethereum клиент заработка bitcoin
bitcoin майнинга
tether приложение alipay bitcoin
usb tether captcha bitcoin bitcoin игры future bitcoin
ethereum 1080 bitcoin рублях bitcoin run
bitcoin loan alliance bitcoin 6000 bitcoin wei ethereum best bitcoin bitcoin rpc reddit bitcoin bitcoin 2x To implement a distributed timestamp server on a peer-to-peer basis, we will need to use a proofof-work system similar to Adam Back's Hashcash, rather than newspaper or Usenet posts.usa bitcoin bitcoin 1000 ethereum pools bitcoin vps
мониторинг bitcoin bitcoin habr gui monero bitcoin investing future bitcoin платформы ethereum обновление ethereum перевод tether adc bitcoin bus bitcoin mixer bitcoin mine ethereum bitcoin pools
monero fr cryptocurrency wallet bitcoin hardware bitcoin fortune electrum bitcoin bitcoin кошелька проект bitcoin bitcoin vps top cryptocurrency карты bitcoin bitcoin wallpaper bitcoin selling
99 bitcoin rus bitcoin bitcoin payoneer проекта ethereum
компания bitcoin форк ethereum bitcoin roulette bitcoin pizza bitcoin collector знак bitcoin monero майнинг earn bitcoin stake bitcoin bitcoin s bitcoin income
dark bitcoin ethereum биткоин исходники bitcoin generator bitcoin
история bitcoin nodes bitcoin криптовалюту bitcoin trading cryptocurrency ethereum stratum bitcoin protocol
remix ethereum ethereum сайт se*****256k1 bitcoin bitcoin 100 bitcoin покер 2016 bitcoin ethereum акции bitcoin transaction cfd bitcoin polkadot ico tether приложения bitcoin dogecoin monero хардфорк block ethereum обвал ethereum Protocol modifications, such as increasing the block award from 25 to 50 BTC, are not compatible with clients already running in the network. If the developers were to release a new client that the majority of miners perceives as corrupt, or in violation of the project’s aims, that client would simply not catch on, and the few users who do try to use it would find that their transactions get rejected by the network.torrent bitcoin кошелек monero ssl bitcoin TWITTERbitcoin rotator p2pool bitcoin спекуляция bitcoin bitcoin xl 10 bitcoin vpn bitcoin game bitcoin bitcoin кошелек bitcoin скачать капитализация ethereum bitcoin iq wild bitcoin addnode bitcoin автокран bitcoin
bitcoin free bitcoin server андроид bitcoin trade cryptocurrency bitcoin alliance fee bitcoin
bitcoin get удвоитель bitcoin bitcoin fan bitcoin конвертер ютуб bitcoin bitcoin анализ капитализация bitcoin инвестирование bitcoin unconfirmed bitcoin bitcoin monkey bitcoin source keystore ethereum bitcoin q ads bitcoin armory bitcoin цена ethereum bitcoin отследить bitcoin спекуляция 50 bitcoin carding bitcoin cryptocurrency chart gift bitcoin bitcoin блокчейн service bitcoin платформу ethereum platinum bitcoin 'As a thought experiment, imagine there was a base metal as scarce as gold but with the following properties: – boring grey in colour – not a good conductor of electricity – not particularly strong, but not ductile or easily malleable either – not useful for any practical or ornamental purpose and one special, magical property: – can be transported over a communications channel'
