Proof of work
From Wikipedia, the free encyclopedia
Jump to navigationJump to search
This article may require cleanup to meet Wikipedia's quality standards. The specific problem is: Needs verification and documentation Please help improve this article if you can. (May 2015) (Learn how and when to remove this template message)
Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party (the prover) proves to others (the verifiers) that a certain amount of computational effort has been expended for some purpose. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service *****s such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to the amount of computational effort they have provably expended. PoW and PoS (Proof of Stake) are the two best known consensus mechanisms and in the context of cryptocurrencies also most commonly used.
A key feature of proof-of-work schemes is their asymmetry: the work must be moderately hard (yet feasible) on the prover or requester side but easy to check for the verifier or service provider. This idea is also known as a *****U cost function, client puzzle, computational puzzle, or *****U pricing function. It is distinct in purpose from a CAPTCHA, which is intended for a human to solve quickly, while being difficult to solve for a computer.
Contents
1 Background
2 Variants
3 List of proof-of-work functions
4 Reusable proof-of-work as e-money
4.1 Bitcoin-type proof of work
4.2 Energy consumption
5 ASICs and mining pools
6 See also
7 Notes
8 References
9 External links
Background
One popular system, used in Hashcash, uses partial hash inversions to prove that work was done, as a goodwill token to send an e-mail. For instance, the following header represents about 252 hash computations to send a message to [email protected] on January 19, 2038:
X-Hashcash: 1:52:380119:[email protected]:::9B760005E92F0DAE
It is verified with a single computation by checking that the SHA-1 hash of the stamp (omit the header name X-Hashcash: including the colon and any amount of whitespace following it up to the digit '1') begins with 52 binary zeros, that is 13 hexadecimal zeros:
0000000000000756af69e2ffbdb930261873cd71
Whether PoW systems can actually solve a particular denial-of-service issue such as the spam problem is subject to debate; the system must make sending spam emails obtrusively unproductive for the spammer, but should also not prevent legitimate users from sending their messages. In other words, a genuine user should not encounter any difficulties when sending an email, but an email spammer would have to expend a considerable amount of computing power to send out many emails at once. Proof-of-work systems are being used as a primitive by other more complex cryptographic systems such as bitcoin which uses a system similar to Hashcash.
Variants
There are two classes of proof-of-work protocols.
Challenge–response protocols assume a direct interactive link between the requester (client) and the provider (server). The provider chooses a challenge, say an item in a set with a property, the requester finds the relevant response in the set, which is sent back and checked by the provider. As the challenge is chosen on the spot by the provider, its difficulty can be adapted to its current load. The work on the requester side may be bounded if the challenge-response protocol has a known solution (chosen by the provider), or is known to exist within a bounded search space.
Proof of Work challenge response.svg
Solution–verification protocols do not assume such a link: as a result, the problem must be self-imposed before a solution is sought by the requester, and the provider must check both the problem choice and the found solution. Most such schemes are unbounded probabilistic iterative procedures such as Hashcash.
Proof of Work solution verification.svg
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean).[further explanation needed] A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.
There are also fixed-cost functions such as the time-lock puzzle.
Moreover, the underlying functions used by these schemes may be:
*****U-bound where the computation runs at the speed of the processor, which greatly varies in time, as well as from high-end server to low-end portable devices.
Memory-bound where the computation speed is bound by main memory accesses (either latency or bandwidth), the performance of which is expected to be less sensitive to hardware evolution.
Network-bound if the client must perform few computations, but must collect some tokens from remote servers before querying the final service provider. In this sense, the work is not actually performed by the requester, but it incurs delays anyway because of the latency to get the required tokens.
Finally, some PoW systems offer shortcut computations that allow participants who know a secret, typically a private key, to generate cheap PoWs. The rationale is that mailing-list holders may generate stamps for every recipient without incurring a high cost. Whether such a feature is desirable depends on the usage scenario.
List of proof-of-work functions
Here is a list of known proof-of-work functions:
Integer square root modulo a large prime[dubious – discuss]
Weaken Fiat–Shamir signatures
Ong–Schnorr–Shamir signature broken by Pollard
Partial hash inversion This paper formalizes the idea of a proof of work and introduces "the dependent idea of a bread pudding protocol", a "re-usable proof-of-work" (RPoW) system.
Hash sequences
Puzzles
Diffie–Hellman–based puzzle
Moderate
Mbound
Hokkaido
Cuckoo Cycle
Merkle tree–based
Guided tour puzzle protocol
Reusable proof-of-work as e-money
Computer scientist Hal Finney built on the proof-of-work idea, yielding a system that exploited reusable proof of work (RPoW). The idea of making proofs of work reusable for some practical purpose had already been established in 1999. Finney's purpose for RPoW was as token money. Just as a gold coin's value is thought to be underpinned by the value of the raw gold needed to make it, the value of an RPoW token is guaranteed by the value of the real-world resources required to 'mint' a PoW token. In Finney's version of RPoW, the PoW token is a piece of Hashcash.
A website can demand a PoW token in exchange for service. Requiring a PoW token from users would inhibit frivolous or excessive use of the service, sparing the service's underlying resources, such as bandwidth to the Internet, computation, disk space, electricity, and administrative overhead.
Finney's RPoW system differed from a PoW system in permitting the random exchange of tokens without repeating the work required to generate them. After someone had "spent" a PoW token at a website, the website's operator could exchange that "spent" PoW token for a new, unspent RPoW token, which could then be spent at some third-party website similarly equipped to accept RPoW tokens. This would save the resources otherwise needed to 'mint' a PoW token. The anti-counterfeit property of the RPoW token was guaranteed by remote attestation. The RPoW server that exchanges a used PoW or RPoW token for a new one of equal value uses remote attestation to allow any interested party to verify what software is running on the RPoW server. Since the source code for Finney's RPoW software was published (under a BSD-like license), any sufficiently knowledgeable programmer could, by inspecting the code, verify that the software (and, by extension, the RPoW server) never issued a new token except in exchange for a spent token of equal value.
Until 2009, Finney's system was the only RPoW system to have been implemented; it never saw economically significant use.
RPoW is protected by the private keys stored in the trusted platform module (TPM) hardware and manufacturers holding TPM private keys. Stealing a TPM manufacturer's key or obtaining the key by examining the TPM chip itself would subvert that assurance.
Bitcoin-type proof of work
In 2009, the Bitcoin network went online. Bitcoin is a proof-of-work cryptocurrency that, like Finney's RPoW, is also based on the Hashcash PoW. But in Bitcoin, double-spend protection is provided by a decentralized P2P protocol for tracking transfers of coins, rather than the hardware trusted computing function used by RPoW. Bitcoin has better trustworthiness because it is protected by computation. Bitcoins are "mined" using the Hashcash proof-of-work function by individual miners and verified by the decentralized nodes in the P2P bitcoin network.
The difficulty is periodically adjusted to keep the block time around a target time.
Energy consumption
Since the creation of Bitcoin, proof-of-work has been the predominant design of peer-to-peer cryptocurrency. Many studies have been looking at the energy consumption of mining. The PoW mechanism requires a vast amount of computing resources, which consume a significant amount of electricity. Bitcoin's energy consumption can power an entire country.
However, there is no alternative design known that could replace proof-of-work but keeps its desirable attributes such as:[citation needed]
permissionless mining
fair distribution of coins
security against many known attacks
bootstrappability of new nodes in a hostile environment
graceful degradation and recovery even in the face of a successful attack or network failure
unforgeable and statically verifiable costliness
Also, there have been many attempts at making proof-of-work use non-specialist hardware. However, this is neither possible, because any specific proof-of-work function can be optimised with hardware, nor desirable, because specialist mining equipment improves security by committing miners to the specific network they are mining for.[citation needed]
ASICs and mining pools
Within the Bitcoin community there are groups working together in mining pools. Some miners use application-specific integrated circuits (ASICs) for PoW. This trend toward mining pools and specialized ASICs has made mining some cryptocurrencies economically infeasible for most players without access to the latest ASICs, nearby sources of inexpensive energy, or other special advantages.
Some PoWs claim to be ASIC-resistant, i.e. to limit the efficiency gain that an ASIC can have over commodity hardware, like a GPU, to be well under an order of magnitude. ASIC resistance has the advantage of keeping mining economically feasible on commodity hardware, but also contributes to the corresponding risk that an attacker can briefly rent access to a large amount of unspecialized commodity processing power to launch a 51% attack against a cryptocurrency.
bitcoin china
обменники bitcoin
bitcoin spin
bitcoin пополнение bitcoin биржа
tether скачать alien bitcoin bitcoin mail bitcoin блокчейн bitcoin технология bitcoin генераторы trade cryptocurrency bitcoin q
bitcoin 2016 bitcoin россия
bitcoin microsoft форки bitcoin
bitcoin rub форки ethereum смысл bitcoin bitcoin игры bitcoin матрица ethereum rub security bitcoin ethereum siacoin mining bitcoin верификация tether платформе ethereum ethereum картинки bitcoin tm bitcoin hardfork
ethereum обвал
ethereum php
bitcoin обучение ethereum кран bitcoin сегодня
ropsten ethereum токены ethereum coinder bitcoin
ethereum stats криптовалюта ethereum фарминг bitcoin bitcoin flapper bitcoin bloomberg
ethereum книга bitcoin кредиты bitcoin monero курс monero краны bitcoin wm community bitcoin vps bitcoin difficulty monero monero rub bitcoin в bitcoin sberbank bitcoin футболка bitcoin форекс bitcoin софт пирамида bitcoin bistler bitcoin fire bitcoin drip bitcoin bitcoin блок bitcoin auto bitcoin mt4
lealana bitcoin bitcoin gpu bitcoin будущее инструкция bitcoin автомат bitcoin joker bitcoin bitcoin vps bitcoin mmgp bitcoin services курс tether Tim Robberts/Taxi/Getty Imagestera bitcoin asus bitcoin bitcoin win bitcoin войти bitcoin комбайн habrahabr bitcoin bitcoin комиссия bitrix bitcoin bitcoin dogecoin planet bitcoin
bitcoin satoshi bitcoin wm bitcoin книга
ethereum 4pda
stealer bitcoin hacking bitcoin monero криптовалюта monero bitcointalk ethereum android bitcoin фермы консультации bitcoin daily bitcoin
bitcoin cryptocurrency bitcoin banking bitcoin keywords bitcoin icon bitcoin symbol golden bitcoin tether 4pda registration bitcoin bitcoin аккаунт
bitcoin passphrase bitcoin cap tether скачать world bitcoin cryptocurrency magazine bitcoin x bitcoin кранов
bitcoin node cryptocurrency charts create bitcoin ssl bitcoin bitcoin traffic ethereum конвертер bitcoin help bitcoin easy ethereum contract
bitcoin 2018 bitcoin primedice ethereum myetherwallet ethereum charts видеокарты ethereum google bitcoin bitcoin reward ethereum transactions bitcoin auto bitcoin journal bitcoin check куплю bitcoin майнинга bitcoin bitcoin fpga майнер bitcoin bitcoin торги bitcoin в ethereum web3 factory bitcoin ethereum dao ethereum видеокарты bitcoin bear эпоха ethereum bitcoin eth ethereum хешрейт ethereum адрес ethereum bitcointalk download bitcoin инструмент bitcoin разработчик bitcoin trade cryptocurrency bitcoin goldmine bitcoin машина вики bitcoin bitcoin руб купить bitcoin bitcoin eth 1 bitcoin
bitcoin alliance
bitcoin free обсуждение bitcoin
hosting bitcoin bitcoin grafik bitcoin etf p2pool monero
скачать bitcoin Make colluding to change the rules extremely expensive to attempt.bitcoin address get bitcoin mac bitcoin
calculator cryptocurrency bitcoin nvidia ethereum описание According to PricewaterhouseCoopers, four of the 10 biggest proposed initial coin offerings have used Switzerland as a base, where they are frequently registered as non-profit foundations. The Swiss regulatory agency FINMA stated that it would take a 'balanced approach' to ICO projects and would allow 'legitimate innovators to navigate the regulatory landscape and so launch their projects in a way consistent with national laws protecting investors and the integrity of the financial system.' In response to numerous requests by industry representatives, a legislative ICO working group began to issue legal guidelines in 2018, which are intended to remove uncertainty from cryptocurrency offerings and to establish sustainable business practices.ethereum pool blake bitcoin bitcoin monkey 600 bitcoin bitcoin blockstream
отдам bitcoin ethereum explorer alpari bitcoin ethereum telegram bitcoin frog jpmorgan bitcoin Hot walletshome bitcoin ethereum пул nanopool ethereum bitcoin metatrader bitcoin ads wallets cryptocurrency
testnet ethereum bitcoin office bitcoin capitalization проверить bitcoin
click bitcoin bitcoin курсы bitcoin sec сеть ethereum обмен tether bitcoin мошенничество bitcoin vector lurkmore bitcoin puzzle bitcoin mikrotik bitcoin bitcoin reindex monero miner bitcoin котировки get bitcoin bitcoin xyz bitcoin register продать ethereum cryptocurrency bitcoin zona etoro bitcoin stealer bitcoin dash cryptocurrency bitcoin платформа ethereum кошелька Around 72 million ETH were created for the crowdsale in July/Aug 2014. This is sometimes called a ‘pre-mine’. It was decided that post-crowdsale, future ETH generation would be capped at 25% of that per year (ie no more than 18m ETH could be mined per year, in addition to the one-off -72m ETH generated for the crowdsale).bitcoin ocean A non-starter for investors; it is pure speculation on corporate-style projects which will inevitably rank lower in developer draw and higher in transaction costs, with more bugs and less stability than FOSS permissionless blockchains.rigname ethereum
bitcoin map ico monero tabtrader bitcoin moto bitcoin bitcoin wsj best cryptocurrency monero faucet tether coin bitcoin китай flash bitcoin rus bitcoin bitcoin прогноз bitcoin обменять mine ethereum INTRODUCTIONbitcoin froggy 2. Crypto Mining Is Expensivemonero курс bitcoin кранов bitcoin лопнет bitcoin государство платформ ethereum bitcoin reindex accelerator bitcoin ethereum транзакции bitcoin математика bitcoin legal bitcoin io цена ethereum bitcoin получить nicehash ethereum bitcoin apple wmx bitcoin bitcoin pro
bitcoin сборщик
приват24 bitcoin tether обменник 4pda bitcoin bitcoin knots cronox bitcoin криптовалюту monero конвектор bitcoin free ethereum network bitcoin bitcoin пул краны monero bitcoin habr ethereum russia logo ethereum bitcoin create claim bitcoin котировки ethereum
создатель bitcoin bitcoin 20
bitcoin com monero биржи testnet ethereum bitcoin blog bitcoin автокран amd bitcoin The most important part of any wallet is keeping your keys and/or passwords safe. If you lose them, you lose access to the bitcoin stored there. In addition, never invest more than you can afford to lose – cryptocurrencies are volatile and their prices could go down as well as up.tor bitcoin email bitcoin bitcoin block bitcoin картинки ethereum токены bitcoin earnings bitcoin double bitcoin golang space bitcoin bitcoin earning кошельки bitcoin bitcoin ставки bitcoin programming 60 bitcoin bitcoin nvidia bitcoin фильм bitcoin путин ethereum прогноз 2016 bitcoin reddit cryptocurrency bitcoin dollar ethereum logo bitcoin miner monero pro to bitcoin lamborghini bitcoin платформу ethereum cardano cryptocurrency форк ethereum добыча ethereum A financial system with the aforementioned attributes is not a new concept. Ever since Tim May had proposed 'crypto anarchy' in 1992, the cypherpunks had been trying to realize their digital currency systems as a way of creating a private, pseudonymous micro-economy that would be resistant to cheating or counterfeiting—even without anyone policing the participants.bitcoin keywords See All Coupons of Best WalletsIn addition to these cold storage methods, the concept of a deep cold storage service has also gained traction in recent years. It was introduced by a London-based company which offered the security of a bank vault for securing the keys of bitcoin wallets. This service is insured by an underwriter thus providing protection against theft or loss of bitcoins. This service has a drawback as it requires the identity and address proof of the person seeking the service. This tends to dissuade those who want to be anonymous owners from availing the service. The custody service by Elliptic Vault is an example of a deep cold storage.Cold Storagebitcoin global dwarfpool monero развод bitcoin block bitcoin monero продать mt4 bitcoin bitcoin mine bitcoin collector рубли bitcoin bitcoin shops tether coin
обвал bitcoin
cgminer bitcoin testnet bitcoin робот bitcoin bitcoin analysis mining bitcoin monero краны bitcoin delphi bitcoin asics bitcoin skrill bitcoin apple stealer bitcoin bitcoin analysis bitcoin лотерея
monero calculator bitcoin бонусы bitcoin ishlash обновление ethereum minergate bitcoin bitcoin упал bitcoin background wordpress bitcoin bitcoin блог bitcoin анонимность blue bitcoin
алгоритм bitcoin nvidia bitcoin перевод bitcoin bitcoin инструкция
bitcoin sberbank bitcoin cryptocurrency bitcoin получить
разделение ethereum bitcoin аккаунт 3d bitcoin bitcoin blockstream
bitcoin статья покер bitcoin bitcoin calc pool monero
дешевеет bitcoin приложение bitcoin bitcoin check bitcoin analysis mastering bitcoin cryptocurrency trading приложения bitcoin bitcoin trading bitcoin map bitcoin магазины putin bitcoin
bitcoin cfd
bitcoin multiplier 4000 bitcoin enterprise ethereum reddit bitcoin future bitcoin займ bitcoin проект bitcoin bitcoin hashrate котировки ethereum ava bitcoin bitcoin symbol bitcoin вход
a large number of leaf nodes at the bottom of the tree that contain the underlying dataKnown-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean). A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.андроид bitcoin bitcoin haqida
bitcoin lion registration bitcoin london bitcoin bitcoin робот bitcoin hyip майнинга bitcoin asics bitcoin
why cryptocurrency bitcoin tradingview clockworkmod tether mastering bitcoin ethereum майнить water bitcoin ethereum телеграмм bitcoin two tether coin Secondly, supply may also be impacted by the number of bitcoins the system allows to exist. This number is capped at 21 million, where once this number is reached, mining activities will no longer create new bitcoins. For example. the supply of bitcoin reached 18.1 million in December 2019, representing 86.2% of the supply of bitcoin that will ultimately be made available. Once 21 million bitcoins are in circulation, prices depend on whether it is considered practical (readily usable in transactions), legal, and in demand, which is determined by the popularity of other cryptocurrencies. The artificial inflation mechanism of the halving of block rewards will no longer have an impact on the price of the cryptocurrency. However, at the current rate of adjustment of block rewards, the last bitcoin is not set to be mined until the year 2140 or so.rigname ethereum
ethereum рост bitcoin talk cryptocurrency bitcoin аккаунт bitcoin взлом monero пулы buying bitcoin bitcoin tm bitcoin price bitcoin parser bitcoin сервер bitcoin png bitcoin count bitcoin 4000 byzantium ethereum habrahabr bitcoin remix ethereum продам bitcoin bitcoin flapper ethereum course запуск bitcoin battle bitcoin
котировка bitcoin bitcoin millionaire bitcoin государство 1060 monero bitcoin london bitcoin ocean escrow bitcoin bitcoin wordpress таблица bitcoin bitcoin майнер
россия bitcoin tinkoff bitcoin bitcoin ферма alpari bitcoin 1 ethereum faucet cryptocurrency short bitcoin ltd bitcoin bitcoin reserve ethereum капитализация кошельки bitcoin использование bitcoin 5 bitcoin ethereum forks bitcoin блок cryptocurrency charts ethereum debian tether обменник bitcoin login вывод monero ethereum mist datadir bitcoin faucet bitcoin bitcoin protocol сбербанк bitcoin криптовалюту monero
bitcoin faucets кликер bitcoin monero pools calculator cryptocurrency удвоитель bitcoin получение bitcoin bitcoin wm jaxx bitcoin bitcoin регистрации kurs bitcoin bank cryptocurrency bitcoin путин конвертер bitcoin бот bitcoin clockworkmod tether bitcoin desk bitcoin халява bitcoin автоматически ethereum транзакции bitcoin cran bitcoin 4 supernova ethereum bitcoin xpub
free monero обменник ethereum
казино bitcoin platinum bitcoin bitcoin payoneer elena bitcoin теханализ bitcoin monero fr bitcoin миксеры avto bitcoin фонд ethereum tether ico bitcoin суть bitcoin заработать micro bitcoin tp tether bitcoin исходники rush bitcoin bitcoin форки bitcoin payeer moto bitcoin dash cryptocurrency зарегистрироваться bitcoin Whether governments around the world will accept cryptocurrencies as legal tender, or choose to ban them entirely.bitcoin xyz • $2 trillion annual market for electronic paymentsnicehash bitcoin ротатор bitcoin биржи bitcoin usb bitcoin ad bitcoin ethereum mining video bitcoin bitcoin x monero купить bitcoin carding обои bitcoin монет bitcoin
stellar cryptocurrency bitcoin tm кости bitcoin nodes bitcoin bitcoin capitalization bitcoin explorer
mikrotik bitcoin обмен tether difficulty bitcoin p2p bitcoin bank cryptocurrency bitcoin лопнет bitcoin doge wallpaper bitcoin
скачать tether
bitcoin торрент bitcoin reserve
