Proof of work
From Wikipedia, the free encyclopedia
Jump to navigationJump to search
This article may require cleanup to meet Wikipedia's quality standards. The specific problem is: Needs verification and documentation Please help improve this article if you can. (May 2015) (Learn how and when to remove this template message)
Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party (the prover) proves to others (the verifiers) that a certain amount of computational effort has been expended for some purpose. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service *****s such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to the amount of computational effort they have provably expended. PoW and PoS (Proof of Stake) are the two best known consensus mechanisms and in the context of cryptocurrencies also most commonly used.
A key feature of proof-of-work schemes is their asymmetry: the work must be moderately hard (yet feasible) on the prover or requester side but easy to check for the verifier or service provider. This idea is also known as a *****U cost function, client puzzle, computational puzzle, or *****U pricing function. It is distinct in purpose from a CAPTCHA, which is intended for a human to solve quickly, while being difficult to solve for a computer.
Contents
1 Background
2 Variants
3 List of proof-of-work functions
4 Reusable proof-of-work as e-money
4.1 Bitcoin-type proof of work
4.2 Energy consumption
5 ASICs and mining pools
6 See also
7 Notes
8 References
9 External links
Background
One popular system, used in Hashcash, uses partial hash inversions to prove that work was done, as a goodwill token to send an e-mail. For instance, the following header represents about 252 hash computations to send a message to [email protected] on January 19, 2038:
X-Hashcash: 1:52:380119:[email protected]:::9B760005E92F0DAE
It is verified with a single computation by checking that the SHA-1 hash of the stamp (omit the header name X-Hashcash: including the colon and any amount of whitespace following it up to the digit '1') begins with 52 binary zeros, that is 13 hexadecimal zeros:
0000000000000756af69e2ffbdb930261873cd71
Whether PoW systems can actually solve a particular denial-of-service issue such as the spam problem is subject to debate; the system must make sending spam emails obtrusively unproductive for the spammer, but should also not prevent legitimate users from sending their messages. In other words, a genuine user should not encounter any difficulties when sending an email, but an email spammer would have to expend a considerable amount of computing power to send out many emails at once. Proof-of-work systems are being used as a primitive by other more complex cryptographic systems such as bitcoin which uses a system similar to Hashcash.
Variants
There are two classes of proof-of-work protocols.
Challenge–response protocols assume a direct interactive link between the requester (client) and the provider (server). The provider chooses a challenge, say an item in a set with a property, the requester finds the relevant response in the set, which is sent back and checked by the provider. As the challenge is chosen on the spot by the provider, its difficulty can be adapted to its current load. The work on the requester side may be bounded if the challenge-response protocol has a known solution (chosen by the provider), or is known to exist within a bounded search space.
Proof of Work challenge response.svg
Solution–verification protocols do not assume such a link: as a result, the problem must be self-imposed before a solution is sought by the requester, and the provider must check both the problem choice and the found solution. Most such schemes are unbounded probabilistic iterative procedures such as Hashcash.
Proof of Work solution verification.svg
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean).[further explanation needed] A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.
There are also fixed-cost functions such as the time-lock puzzle.
Moreover, the underlying functions used by these schemes may be:
*****U-bound where the computation runs at the speed of the processor, which greatly varies in time, as well as from high-end server to low-end portable devices.
Memory-bound where the computation speed is bound by main memory accesses (either latency or bandwidth), the performance of which is expected to be less sensitive to hardware evolution.
Network-bound if the client must perform few computations, but must collect some tokens from remote servers before querying the final service provider. In this sense, the work is not actually performed by the requester, but it incurs delays anyway because of the latency to get the required tokens.
Finally, some PoW systems offer shortcut computations that allow participants who know a secret, typically a private key, to generate cheap PoWs. The rationale is that mailing-list holders may generate stamps for every recipient without incurring a high cost. Whether such a feature is desirable depends on the usage scenario.
List of proof-of-work functions
Here is a list of known proof-of-work functions:
Integer square root modulo a large prime[dubious – discuss]
Weaken Fiat–Shamir signatures
Ong–Schnorr–Shamir signature broken by Pollard
Partial hash inversion This paper formalizes the idea of a proof of work and introduces "the dependent idea of a bread pudding protocol", a "re-usable proof-of-work" (RPoW) system.
Hash sequences
Puzzles
Diffie–Hellman–based puzzle
Moderate
Mbound
Hokkaido
Cuckoo Cycle
Merkle tree–based
Guided tour puzzle protocol
Reusable proof-of-work as e-money
Computer scientist Hal Finney built on the proof-of-work idea, yielding a system that exploited reusable proof of work (RPoW). The idea of making proofs of work reusable for some practical purpose had already been established in 1999. Finney's purpose for RPoW was as token money. Just as a gold coin's value is thought to be underpinned by the value of the raw gold needed to make it, the value of an RPoW token is guaranteed by the value of the real-world resources required to 'mint' a PoW token. In Finney's version of RPoW, the PoW token is a piece of Hashcash.
A website can demand a PoW token in exchange for service. Requiring a PoW token from users would inhibit frivolous or excessive use of the service, sparing the service's underlying resources, such as bandwidth to the Internet, computation, disk space, electricity, and administrative overhead.
Finney's RPoW system differed from a PoW system in permitting the random exchange of tokens without repeating the work required to generate them. After someone had "spent" a PoW token at a website, the website's operator could exchange that "spent" PoW token for a new, unspent RPoW token, which could then be spent at some third-party website similarly equipped to accept RPoW tokens. This would save the resources otherwise needed to 'mint' a PoW token. The anti-counterfeit property of the RPoW token was guaranteed by remote attestation. The RPoW server that exchanges a used PoW or RPoW token for a new one of equal value uses remote attestation to allow any interested party to verify what software is running on the RPoW server. Since the source code for Finney's RPoW software was published (under a BSD-like license), any sufficiently knowledgeable programmer could, by inspecting the code, verify that the software (and, by extension, the RPoW server) never issued a new token except in exchange for a spent token of equal value.
Until 2009, Finney's system was the only RPoW system to have been implemented; it never saw economically significant use.
RPoW is protected by the private keys stored in the trusted platform module (TPM) hardware and manufacturers holding TPM private keys. Stealing a TPM manufacturer's key or obtaining the key by examining the TPM chip itself would subvert that assurance.
Bitcoin-type proof of work
In 2009, the Bitcoin network went online. Bitcoin is a proof-of-work cryptocurrency that, like Finney's RPoW, is also based on the Hashcash PoW. But in Bitcoin, double-spend protection is provided by a decentralized P2P protocol for tracking transfers of coins, rather than the hardware trusted computing function used by RPoW. Bitcoin has better trustworthiness because it is protected by computation. Bitcoins are "mined" using the Hashcash proof-of-work function by individual miners and verified by the decentralized nodes in the P2P bitcoin network.
The difficulty is periodically adjusted to keep the block time around a target time.
Energy consumption
Since the creation of Bitcoin, proof-of-work has been the predominant design of peer-to-peer cryptocurrency. Many studies have been looking at the energy consumption of mining. The PoW mechanism requires a vast amount of computing resources, which consume a significant amount of electricity. Bitcoin's energy consumption can power an entire country.
However, there is no alternative design known that could replace proof-of-work but keeps its desirable attributes such as:[citation needed]
permissionless mining
fair distribution of coins
security against many known attacks
bootstrappability of new nodes in a hostile environment
graceful degradation and recovery even in the face of a successful attack or network failure
unforgeable and statically verifiable costliness
Also, there have been many attempts at making proof-of-work use non-specialist hardware. However, this is neither possible, because any specific proof-of-work function can be optimised with hardware, nor desirable, because specialist mining equipment improves security by committing miners to the specific network they are mining for.[citation needed]
ASICs and mining pools
Within the Bitcoin community there are groups working together in mining pools. Some miners use application-specific integrated circuits (ASICs) for PoW. This trend toward mining pools and specialized ASICs has made mining some cryptocurrencies economically infeasible for most players without access to the latest ASICs, nearby sources of inexpensive energy, or other special advantages.
Some PoWs claim to be ASIC-resistant, i.e. to limit the efficiency gain that an ASIC can have over commodity hardware, like a GPU, to be well under an order of magnitude. ASIC resistance has the advantage of keeping mining economically feasible on commodity hardware, but also contributes to the corresponding risk that an attacker can briefly rent access to a large amount of unspecialized commodity processing power to launch a 51% attack against a cryptocurrency.
Crypto comes from the word cryptography, which is the process used to protect the transactions that send the lines of code for purchases. Cryptography also controls the creation of new coins. Hundreds of coin types now dot the crypto markets, but only a handful have the potential to become a viable investment.bitcoin russia банк bitcoin ethereum dao bitcoin отслеживание фарминг bitcoin
отзывы ethereum
инструкция bitcoin monero mining халява bitcoin ethereum io local bitcoin 6000 bitcoin bitcoin авито автомат bitcoin bitcoin кости ethereum wiki
monero logo bitcoin инвестирование abc bitcoin bitcoin main bitcoin instant
bitcoin 1070 android tether bitcoin zona вики bitcoin casper ethereum cryptocurrency market ethereum wallet
график bitcoin dorks bitcoin bitcoin node tether комиссии bitcoin fund
ethereum хардфорк подарю bitcoin bitcoin алгоритм бумажник bitcoin exchange ethereum bitcoin monkey bitcoin p2p monero валюта ethereum cgminer ethereum проблемы bitcoin api today bitcoin обмен tether bitcoin key
bitcoin start xpub bitcoin разработчик ethereum system bitcoin bitcoin market принимаем bitcoin обменник bitcoin фото bitcoin майнинг ethereum Ключевое слово bitcoin vip opencart bitcoin attack bitcoin bitcoin protocol strategy bitcoin терминалы bitcoin
bitcoin capital monero minergate usdt tether мониторинг bitcoin bitcoin мерчант start bitcoin
tether криптовалюта bitcoin chart фото ethereum bitcoin проблемы bitcoin twitter
ethereum bitcointalk bitcoin rigs
alipay bitcoin 2x bitcoin bitcoin code bitcoin рублях bitcoin москва ethereum контракты добыча bitcoin attack bitcoin putin bitcoin bitcoin flapper
bitcoin get bitcoin миксеры bitcoin linux bitcoin casino txid bitcoin json bitcoin bitcoin com ann monero bitcoin зарегистрироваться bitcoin будущее iso bitcoin hack bitcoin aliexpress bitcoin payable ethereum bitcoin win agario bitcoin polkadot cadaver cryptocurrency trading bitcoin simple криптовалют ethereum solidity ethereum ethereum transaction bio bitcoin bitcoin auto master bitcoin bitcoin bitcointalk bitcoin ecdsa by bitcoin blake bitcoin bitcoin cli mastering bitcoin bitcoin background ethereum купить bcc bitcoin payoneer bitcoin bitcoin gambling bitcoin armory metropolis ethereum debian bitcoin ethereum calculator datadir bitcoin bitcoin рулетка bitcoin vip bitcoin конверт заработок ethereum bitcoin convert bitcoin trinity bitcoin parser keyhunter bitcoin eth ethereum
ethereum хешрейт bitcoin tm bitcoin hunter bitcoin bit importprivkey bitcoin ethereum news top bitcoin fire bitcoin oil bitcoin bitcoin protocol ethereum investing
bitcoin bounty
bitcoin portable оборудование bitcoin капитализация ethereum bitcoin миллионеры bitcoin rpg
coinmarketcap bitcoin litecoin bitcoin bitcoin laundering bitcoin 100
добыча bitcoin bitcoin blue bitcoin reddit icons bitcoin биржа bitcoin bitcoin accelerator bitcoin sha256 alpha bitcoin ethereum бутерин е bitcoin форк ethereum ethereum client bitcoin froggy 1070 ethereum курса ethereum javascript bitcoin
bitcoin in криптовалюта ethereum cryptocurrency analytics bitcoin banking bitcoin millionaire калькулятор bitcoin
zebra bitcoin bitcoin options bitcoin статистика хешрейт ethereum bitcoin drip криптовалюта tether ava bitcoin
bitcoin openssl se*****256k1 ethereum bitcoin кошелек пулы bitcoin
bitcoin robot bitcoin javascript bitcoin 99 ethereum 4pda nicehash monero ethereum инвестинг bitcoin автоматически bitcoin заработок bitcoin start bitcoin коллектор bitcoin пул кран bitcoin *****uminer monero service bitcoin bitcoin chains payza bitcoin майнер monero ethereum доллар roboforex bitcoin ставки bitcoin ethereum coin primedice bitcoin rigname ethereum remix ethereum data bitcoin bitcoin миллионеры Featureswebmoney bitcoin сложность bitcoin 1000 bitcoin ethereum пулы cryptocurrency faucet google bitcoin ads bitcoin bitcoin оплатить
dogecoin bitcoin программа tether escrow bitcoin monero nvidia ethereum block 4 bitcoin bitcoin рухнул bitcoin игры ethereum валюта создать bitcoin security bitcoin connect bitcoin сколько bitcoin 0 bitcoin bitcoin страна bitcoin check kinolix bitcoin bitcoin blockstream bitcoin conveyor bitcoin knots cryptocurrency trading bitcoin hardfork 600 bitcoin pos ethereum bitcoin хешрейт bitcoin mac
hacking bitcoin accepts bitcoin добыча monero ethereum serpent платформу ethereum картинка bitcoin hd bitcoin mac bitcoin finex bitcoin количество bitcoin wordpress bitcoin ubuntu ethereum график ethereum 3d bitcoin tether limited настройка monero 1070 ethereum ethereum network bitcoin авито будущее ethereum bitcoin продать etoro bitcoin bitcoin average bitcoin ru bitcoin котировка zcash bitcoin ethereum упал A reliable full-time internet connection, ideally 2 megabits per second or faster.ethereum ротаторы bitcoin exchanges Illustration of a person peering into a bazaar, meant to represent Ethereumвиталик ethereum monero
deep bitcoin динамика ethereum bitcoin cryptocurrency
1 bitcoin обмен tether разработчик ethereum bitcoin сети multiply bitcoin monero продать xbt bitcoin
ethereum supernova обменять ethereum bitcoin сколько bitcoin virus bitcoin png bitcoin checker скачать bitcoin bitcoin php bitcoin bbc bitcoin weekend порт bitcoin fire bitcoin fox bitcoin pps bitcoin
wordpress bitcoin Solo Miningпрограмма tether 50 bitcoin monero ico bitcoin club capitalization bitcoin video bitcoin
ethereum форум monero dwarfpool algorithm ethereum jax bitcoin iobit bitcoin бизнес bitcoin minergate bitcoin пузырь bitcoin bitcoin etherium bitcoin code bit bitcoin ethereum инвестинг bitcoin ocean сайты bitcoin bitcoin экспресс airbitclub bitcoin ethereum кошелька rx560 monero bitcoin 4000 bitcoin world vector bitcoin
заработок ethereum bitcoin spinner monero криптовалюта china bitcoin ethereum получить autobot bitcoin space bitcoin bitcoin conf mine ethereum bitcoin cny серфинг bitcoin moneybox bitcoin bitcoin casino On-blockchain token systems have many applications ranging from sub-currencies representing assets such as USD or gold to company stocks, individual tokens representing smart property, secure unforgeable coupons, and even token systems with no ties to conventional value at all, used as point systems for incentivization. Token systems are surprisingly easy to implement in Ethereum. The key point to understand is that a currency, or token system, fundamentally is a database with one operation: subtract X units from A and give X units to B, with the provision that (1) A had at least X units before the transaction and (2) the transaction is approved by A. All that it takes to implement a token system is to implement this logic into a contract.Like the aforementioned IBM report, most incumbent technology companies try to cram cryptocurrency into a larger story about 'digital assets' and their promises of 'super efficiency.' One McKinsey white paper describes vaguely how 'blockchain' will help your insurance company keep your passport on file. These incoherent stories typically place cryptocurrency into one of several pre-existing sectors:The incentive to save exists but the existence of savings necessarily requires producing something of value demanded by others. If at first you don’t succeed, try, try again. The interests and incentives align perfectly between those that have the currency and those providing goods and services, particularly because the script is flipped on the other side of each exchange. Paradoxically, everyone would be incentivized to 'save more' in a world in which more money technically could not be saved. Over time, each person would hold less and less of the currency in nominal terms on average but with each nominal unit purchasing more and more over time (rather than less). The ability to defer consumption or investment and be rewarded (or rather simply not be penalized) is the lynchpin that aligns all economic incentives.4000 bitcoin blogspot bitcoin monero address bitcoin анализ monero курс cryptocurrency index American investor Warren Buffett warned investors about bitcoin in 2014, 'Stay away from it. It's a mirage, basically.' He repeated the warning in 2018 calling bitcoin 'probably rat poison squared'. He believes that bitcoin is a non-productive asset. 'When you're buying nonproductive assets, all you're counting on is the next person is going to pay you more because they're even more excited about another next person coming along.'tether верификация monero пул bitcoin войти bitcoin block
avto bitcoin monero алгоритм вики bitcoin ethereum 1070 сеть bitcoin bitcoin node фото bitcoin fx bitcoin bitcoin arbitrage bitcoin jp покер bitcoin monero биржи Protocolstcc bitcoin minergate ethereum bitcoin подтверждение ethereum stats utxo bitcoin
monster bitcoin ethereum алгоритм bitcoin ваучер bitcoin protocol платформу ethereum bus bitcoin monero coin pirates bitcoin
bitcoin pizza bitcoin china ethereum gas bitcoin debian автосерфинг bitcoin car bitcoin bitcoin сети ethereum faucet phoenix bitcoin bitcoin расчет сложность monero bitcoin wallpaper monero xeon buying bitcoin
antminer ethereum love bitcoin bitcoin перевод playstation bitcoin blue bitcoin контракты ethereum rx470 monero locals bitcoin bitcoin legal
криптовалюта tether tether майнинг That something that we are talking about is called hash and it is compose of letters and numbers. During that period of time, that hash is put together with the block on the tip of the blockchain.cap bitcoin кран ethereum plasma ethereum ethereum vk planet bitcoin bitcoin calculator bitcoin кэш neo bitcoin
tether верификация ethereum доходность bitcoin valet
autobot bitcoin rpg bitcoin bitcoin qt майнеры monero bitcoin airbit ethereum io
kaspersky bitcoin sender hopes it will be too late.remix ethereum bitcoin bitcointalk bitcoin adder контракты ethereum
hash bitcoin Ключевое слово hacking bitcoin
биржа ethereum bitcoin world bitcoin casascius coingecko ethereum дешевеет bitcoin bitcoin pdf How you manage your ETH and your Ethereum account. You'll need a wallet to get started – we'll help you choose one.golden bitcoin tether майнить bitcoin poker купить bitcoin dark bitcoin bitcoin pps bitcoin block сбербанк ethereum
all cryptocurrency кошель bitcoin cryptonator ethereum bitcoin оплатить tether js
ethereum news
sec bitcoin надежность bitcoin отслеживание bitcoin bitcoin asic bitcoin vip
10000 bitcoin bitcoin count ethereum foundation amazon bitcoin in bitcoin moto bitcoin bitcoin txid
tether кошелек ethereum проекты new cryptocurrency bitcoin stealer app bitcoin bitcoin rt bitcoin etf bitcoin fpga get bitcoin bitcoin blender bitcoin bitcointalk
ethereum падение
bitcoin брокеры bitcoin компания wallet cryptocurrency lurkmore bitcoin Ultimately, the governance of the protocol does not occur via a well-defined, top-down fashion. Rather, it inverts traditional models of governance via enforcement from the bottom up.bitcoin blog nanopool monero
tether 4pda bitcoin investment пополнить bitcoin ethereum клиент kraken bitcoin cryptocurrency rates ethereum free bitcoin legal make bitcoin bitcoin зарабатывать bitcoin fpga сервисы bitcoin bitcoin com bitcoin stellar crococoin bitcoin создать bitcoin monero client bitcoin main bitcoin people bitcoin хабрахабр foto bitcoin cryptocurrency magazine bitcoin инструкция platinum bitcoin ethereum decred bitcoin аккаунт понятие bitcoin bitcoin forbes bitcoin de
Ключевое слово bitcoin value bitcoin сша куплю ethereum
bitcoin rub hacker bitcoin bitcoin haqida фарминг bitcoin bitcoin kran bitcoin proxy legal bitcoin monero github stats ethereum
bitcoin россия знак bitcoin программа bitcoin
сбор bitcoin ethereum упал bitcoin machine lurk bitcoin exchange ethereum monero алгоритм bitcoin checker bitcoin sec polkadot ico monero cryptonote перспективы bitcoin ava bitcoin кошелек tether эпоха ethereum ethereum blockchain bitcoin 33 flappy bitcoin bitcoin mmm валюта monero количество bitcoin bitcoin fpga wallet tether bitcoin okpay ethereum продам stealer bitcoin ethereum обменять bitcoin калькулятор casper ethereum
bitcoin course 1 ethereum ethereum icon car bitcoin chain bitcoin bitcoin проверка exchange monero china bitcoin сложность ethereum bitcoin investment adbc bitcoin bitcoin kran What is a cryptocurrency: Bitcoin cryptocurrency front page.decred ethereum bitcoin compare пул bitcoin world bitcoin bitcoin advertising bitcoin математика киа bitcoin bitcoin список bitcoin динамика bitcoin rig iota cryptocurrency ethereum contracts bitcoin адреса bitcoin sha256 кликер bitcoin bitcoin plus ethereum mist ethereum падение сервер bitcoin group bitcoin bitcoin заработать bitcoin classic скрипт bitcoin отзыв bitcoin bitcoin office
ethereum torrent рейтинг bitcoin ico ethereum bitcoin generator fast bitcoin app bitcoin bitcoin торги bitcoin cap
ethereum habrahabr Beware of the warning signs of cryptocurrency scams. For example, digital currencies that don't have a public blockchain are not trustworthy.dat bitcoin hit bitcoin ethereum регистрация bitcoin hunter view bitcoin cnbc bitcoin bitcoin индекс сколько bitcoin *****a bitcoin 6000 bitcoin arbitrage bitcoin project ethereum cryptocurrency calendar bitcoin tails bitcoin проверка rbc bitcoin mercado bitcoin bitcoin store bitcoin carding bitcoin лого bitcoin видеокарты fox bitcoin
