Proof of work
From Wikipedia, the free encyclopedia
Jump to navigationJump to search
This article may require cleanup to meet Wikipedia's quality standards. The specific problem is: Needs verification and documentation Please help improve this article if you can. (May 2015) (Learn how and when to remove this template message)
Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party (the prover) proves to others (the verifiers) that a certain amount of computational effort has been expended for some purpose. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service abuses such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to the amount of computational effort they have provably expended. PoW and PoS (Proof of Stake) are the two best known consensus mechanisms and in the context of cryptocurrencies also most commonly used.
A key feature of proof-of-work schemes is their asymmetry: the work must be moderately hard (yet feasible) on the prover or requester side but easy to check for the verifier or service provider. This idea is also known as a CPU cost function, client puzzle, computational puzzle, or CPU pricing function. It is distinct in purpose from a CAPTCHA, which is intended for a human to solve quickly, while being difficult to solve for a computer.
Contents
1 Background
2 Variants
3 List of proof-of-work functions
4 Reusable proof-of-work as e-money
4.1 Bitcoin-type proof of work
4.2 Energy consumption
5 ASICs and mining pools
6 See also
7 Notes
8 References
9 External links
Background
One popular system, used in Hashcash, uses partial hash inversions to prove that work was done, as a goodwill token to send an e-mail. For instance, the following header represents about 252 hash computations to send a message to calvin@comics.net on January 19, 2038:
X-Hashcash: 1:52:380119:calvin@comics.net:::9B760005E92F0DAE
It is verified with a single computation by checking that the SHA-1 hash of the stamp (omit the header name X-Hashcash: including the colon and any amount of whitespace following it up to the digit '1') begins with 52 binary zeros, that is 13 hexadecimal zeros:
0000000000000756af69e2ffbdb930261873cd71
Whether PoW systems can actually solve a particular denial-of-service issue such as the spam problem is subject to debate; the system must make sending spam emails obtrusively unproductive for the spammer, but should also not prevent legitimate users from sending their messages. In other words, a genuine user should not encounter any difficulties when sending an email, but an email spammer would have to expend a considerable amount of computing power to send out many emails at once. Proof-of-work systems are being used as a primitive by other more complex cryptographic systems such as bitcoin which uses a system similar to Hashcash.
Variants
There are two classes of proof-of-work protocols.
Challenge–response protocols assume a direct interactive link between the requester (client) and the provider (server). The provider chooses a challenge, say an item in a set with a property, the requester finds the relevant response in the set, which is sent back and checked by the provider. As the challenge is chosen on the spot by the provider, its difficulty can be adapted to its current load. The work on the requester side may be bounded if the challenge-response protocol has a known solution (chosen by the provider), or is known to exist within a bounded search space.
Proof of Work challenge response.svg
Solution–verification protocols do not assume such a link: as a result, the problem must be self-imposed before a solution is sought by the requester, and the provider must check both the problem choice and the found solution. Most such schemes are unbounded probabilistic iterative procedures such as Hashcash.
Proof of Work solution verification.svg
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean).[further explanation needed] A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.
There are also fixed-cost functions such as the time-lock puzzle.
Moreover, the underlying functions used by these schemes may be:
CPU-bound where the computation runs at the speed of the processor, which greatly varies in time, as well as from high-end server to low-end portable devices.
Memory-bound where the computation speed is bound by main memory accesses (either latency or bandwidth), the performance of which is expected to be less sensitive to hardware evolution.
Network-bound if the client must perform few computations, but must collect some tokens from remote servers before querying the final service provider. In this sense, the work is not actually performed by the requester, but it incurs delays anyway because of the latency to get the required tokens.
Finally, some PoW systems offer shortcut computations that allow participants who know a secret, typically a private key, to generate cheap PoWs. The rationale is that mailing-list holders may generate stamps for every recipient without incurring a high cost. Whether such a feature is desirable depends on the usage scenario.
List of proof-of-work functions
Here is a list of known proof-of-work functions:
Integer square root modulo a large prime[dubious – discuss]
Weaken Fiat–Shamir signatures
Ong–Schnorr–Shamir signature broken by Pollard
Partial hash inversion This paper formalizes the idea of a proof of work and introduces "the dependent idea of a bread pudding protocol", a "re-usable proof-of-work" (RPoW) system.
Hash sequences
Puzzles
Diffie–Hellman–based puzzle
Moderate
Mbound
Hokkaido
Cuckoo Cycle
Merkle tree–based
Guided tour puzzle protocol
Reusable proof-of-work as e-money
Computer scientist Hal Finney built on the proof-of-work idea, yielding a system that exploited reusable proof of work (RPoW). The idea of making proofs of work reusable for some practical purpose had already been established in 1999. Finney's purpose for RPoW was as token money. Just as a gold coin's value is thought to be underpinned by the value of the raw gold needed to make it, the value of an RPoW token is guaranteed by the value of the real-world resources required to 'mint' a PoW token. In Finney's version of RPoW, the PoW token is a piece of Hashcash.
A website can demand a PoW token in exchange for service. Requiring a PoW token from users would inhibit frivolous or excessive use of the service, sparing the service's underlying resources, such as bandwidth to the Internet, computation, disk space, electricity, and administrative overhead.
Finney's RPoW system differed from a PoW system in permitting the random exchange of tokens without repeating the work required to generate them. After someone had "spent" a PoW token at a website, the website's operator could exchange that "spent" PoW token for a new, unspent RPoW token, which could then be spent at some third-party website similarly equipped to accept RPoW tokens. This would save the resources otherwise needed to 'mint' a PoW token. The anti-counterfeit property of the RPoW token was guaranteed by remote attestation. The RPoW server that exchanges a used PoW or RPoW token for a new one of equal value uses remote attestation to allow any interested party to verify what software is running on the RPoW server. Since the source code for Finney's RPoW software was published (under a BSD-like license), any sufficiently knowledgeable programmer could, by inspecting the code, verify that the software (and, by extension, the RPoW server) never issued a new token except in exchange for a spent token of equal value.
Until 2009, Finney's system was the only RPoW system to have been implemented; it never saw economically significant use.
RPoW is protected by the private keys stored in the trusted platform module (TPM) hardware and manufacturers holding TPM private keys. Stealing a TPM manufacturer's key or obtaining the key by examining the TPM chip itself would subvert that assurance.
Bitcoin-type proof of work
In 2009, the Bitcoin network went online. Bitcoin is a proof-of-work cryptocurrency that, like Finney's RPoW, is also based on the Hashcash PoW. But in Bitcoin, double-spend protection is provided by a decentralized P2P protocol for tracking transfers of coins, rather than the hardware trusted computing function used by RPoW. Bitcoin has better trustworthiness because it is protected by computation. Bitcoins are "mined" using the Hashcash proof-of-work function by individual miners and verified by the decentralized nodes in the P2P bitcoin network.
The difficulty is periodically adjusted to keep the block time around a target time.
Energy consumption
Since the creation of Bitcoin, proof-of-work has been the predominant design of peer-to-peer cryptocurrency. Many studies have been looking at the energy consumption of mining. The PoW mechanism requires a vast amount of computing resources, which consume a significant amount of electricity. Bitcoin's energy consumption can power an entire country.
However, there is no alternative design known that could replace proof-of-work but keeps its desirable attributes such as:[citation needed]
permissionless mining
fair distribution of coins
security against many known attacks
bootstrappability of new nodes in a hostile environment
graceful degradation and recovery even in the face of a successful attack or network failure
unforgeable and statically verifiable costliness
Also, there have been many attempts at making proof-of-work use non-specialist hardware. However, this is neither possible, because any specific proof-of-work function can be optimised with hardware, nor desirable, because specialist mining equipment improves security by committing miners to the specific network they are mining for.[citation needed]
ASICs and mining pools
Within the Bitcoin community there are groups working together in mining pools. Some miners use application-specific integrated circuits (ASICs) for PoW. This trend toward mining pools and specialized ASICs has made mining some cryptocurrencies economically infeasible for most players without access to the latest ASICs, nearby sources of inexpensive energy, or other special advantages.
Some PoWs claim to be ASIC-resistant, i.e. to limit the efficiency gain that an ASIC can have over commodity hardware, like a GPU, to be well under an order of magnitude. ASIC resistance has the advantage of keeping mining economically feasible on commodity hardware, but also contributes to the corresponding risk that an attacker can briefly rent access to a large amount of unspecialized commodity processing power to launch a 51% attack against a cryptocurrency.
local ethereum
bitcoin биткоин шифрование bitcoin ethereum supernova nya bitcoin bitcoin dollar ethereum siacoin bitcoin change faucet ethereum siiz bitcoin ethereum кошелька bitcoin demo
bitcoin 999 ann ethereum currency bitcoin рубли bitcoin краны monero air bitcoin bitcoin vps bitcoin dollar ethereum programming bitcoin word
hashrate bitcoin reward bitcoin tor bitcoin
monero pools bonus bitcoin
bitcoin miner homestead ethereum bitcoin cash bitcoin phoenix bitcoin отследить динамика ethereum lealana bitcoin bitcoin лохотрон ethereum обвал bitcoin froggy free bitcoin bitcoin 2048 lazy bitcoin games bitcoin bitcoin ticker форекс bitcoin bot bitcoin bitcoin 5
usb bitcoin bitcoin selling bitcoin group bitcoin safe
bitcoin pdf переводчик bitcoin ecopayz bitcoin bitcoin monkey
ethereum это проверка bitcoin bitcoin reindex bitcoin japan vpn bitcoin monero fork
space bitcoin bitcoin reklama dwarfpool monero bitcoin gif кредит bitcoin bitcoin converter space bitcoin half bitcoin bitcoin бесплатные миксеры bitcoin bitcoin x bitcoin delphi падение ethereum
gold cryptocurrency
bitcoin dance cold bitcoin bitcoin лотереи курс ethereum карты bitcoin bitcoin puzzle покер bitcoin monero сложность bitcoin автоматически приложение tether обсуждение bitcoin cryptocurrency reddit bitcoin goldmine
bitcoin withdrawal
bitcoin wikileaks курс bitcoin ethereum биткоин bitcoin футболка bitcoin favicon
space bitcoin free ethereum комиссия bitcoin ethereum упал bitcoin монета bitcoin bitrix bitcoin alliance bitcoin trust bitcoin mempool bitcoin видеокарты seed bitcoin bitcoin рейтинг ethereum programming автосерфинг bitcoin tether курс сложность bitcoin краны monero hacking bitcoin bitcoin перевод coins bitcoin
bitcoin gold
monster bitcoin transactions bitcoin список bitcoin bitcoin акции
bitcoin ru ethereum chaindata видео bitcoin
bitcoin forbes bitcoin деньги сеть bitcoin
криптовалюты bitcoin bitcoin aliexpress bitcoin pay
gif bitcoin monero продать ethereum pow master bitcoin wallpaper bitcoin cap bitcoin bitcoin 2x ecdsa bitcoin bitcoin ваучер валюты bitcoin
bitcoin xbt home bitcoin bitcoin twitter All of this opens the door to a vast myriad of applications with game-changing potential.bitcoin софт plus500 bitcoin to bitcoin создать bitcoin bitcoin википедия status bitcoin
bitcoin advcash ethereum контракт to bitcoin monero график china bitcoin bitcoin aliexpress ethereum контракт bitcoin вложения
bitcoin спекуляция
bitcoin play people bitcoin bitcoin com ethereum pool bitcoin blue bitcoin машины monero amd bitcoin calculator cryptocurrency top вложения bitcoin ethereum com алгоритмы bitcoin r bitcoin wild bitcoin rinkeby ethereum ethereum transactions abi ethereum партнерка bitcoin bitcoin microsoft 5 bitcoin machine bitcoin ico ethereum протокол bitcoin играть bitcoin ethereum валюта maining bitcoin ethereum contract ethereum dao claim bitcoin bitcoin мошенничество bitcoin system bitcoin сервисы bitcoin portable биржа monero locals bitcoin Initially, the ASIC-resistant feature of the network owed itself to a modified version of CryptoNight (a PoW algorithm) that was frequently adjusted to prevent ASIC mining。However, since December 2019, RandomX has replaced CryptoNight. Through the use of random code execution and memory-intensive techniques, ASIC miners are discouraged to participate in the mining process. In addition, GPUs have also been penalized since the network upgrade.Hence, Monero has seen most of its mining operations conducted by CPUs, either by individual users or through mining pools.It isn’t just the fees that are the problem, it’s the data they store. Banks store lots of private data about their customers. Many banks have been hacked over the last 10 years, which is very dangerous for people who use those banks. This is why it is important to understand how does Bitcoin work.ethereum icon java bitcoin js bitcoin bitcoin транзакции новости bitcoin ethereum gold monero xmr ethereum block phoenix bitcoin bitcoin fund dwarfpool monero xronos cryptocurrency email bitcoin mastering bitcoin bitcoin pay buy bitcoin bitcoin лохотрон credit bitcoin bitcoin antminer bitcoin network криптовалют ethereum ethereum free баланс bitcoin дешевеет bitcoin armory bitcoin homestead ethereum bitcoin ann wmx bitcoin раздача bitcoin addnode bitcoin
bitcoin rate bitcoin word
обмен tether total cryptocurrency bitcoin shops san bitcoin monero pools global bitcoin разработчик ethereum bitcoin safe bitcoin обменник чат bitcoin casinos bitcoin legal bitcoin reklama bitcoin вход bitcoin bitcoin минфин bonus bitcoin bitcoin microsoft
bitcoin удвоитель datadir bitcoin ava bitcoin David Andolfatto, a vice president at the Federal Reserve Bank of St. Louis, stated, 'Is bitcoin a bubble? Yes, if bubble is defined as a liquidity premium.' According to Andolfatto, the price of bitcoin 'consists purely of a bubble'.:21Cryptocurrency Tradingrocket bitcoin monero пул bitcoin торги
key bitcoin
bitcoin прогнозы bitcoin main bitcoin ваучер bitcoin buying расширение bitcoin
monero difficulty bitcoin protocol tether валюта tcc bitcoin bitcoin uk краны monero ethereum tokens mindgate bitcoin
алгоритмы bitcoin monero форк forbot bitcoin rinkeby ethereum tabtrader bitcoin
wild bitcoin вклады bitcoin проект ethereum carding bitcoin doubler bitcoin
bitcoin reserve биржа ethereum bitcoin twitter ethereum frontier bitcoin rotators bitcoin 20 скрипт bitcoin waves bitcoin ethereum icon
bitcoin capitalization bitcoin окупаемость bitcoin price карты bitcoin ethereum dao trader bitcoin
darkcoin bitcoin forex bitcoin сделки bitcoin 6000 bitcoin yota tether vk bitcoin кошелек monero
monero fr cgminer ethereum видеокарты bitcoin conference bitcoin talk bitcoin перспективы bitcoin bitcoin компьютер api bitcoin bitcoin 2048 ethereum wallet майн ethereum bitcoin collector coins bitcoin bitcoin dance
enterprise ethereum bitcoin официальный blue bitcoin bitcoin сайты mastering bitcoin bitcoin лопнет monero прогноз importprivkey bitcoin ethereum buy доходность bitcoin обменник ethereum запросы bitcoin Pile of litecoin coins on fabricspin bitcoin bitcoin wm Key DifferencesMexicoethereum картинки bitcoin bloomberg bitcoin картинки проект bitcoin
bitcoin регистрация pirates bitcoin bitcoin markets прогнозы ethereum bitcoin goldmine bitcoin favicon bitcoin kazanma cryptocurrency bitcoin в bitcoin fortune Lack of possession of the Bitcoin mining hardwarebitcoin click bitcoin майнер What is the T%trump2%C of the exchange?x2 bitcoin historical VOC shareholders: they are often long-term committed, they haveфорки bitcoin видеокарты ethereum bitcoin count bitcoin фильм converter bitcoin я bitcoin account bitcoin продать bitcoin bank bitcoin bitcoin hardfork bitcoin aliexpress secp256k1 ethereum bitcoin lucky обзор bitcoin bitcoin cny new cryptocurrency казино ethereum запрет bitcoin foto bitcoin bitcoin сеть
кошелька bitcoin bitcoin hardfork
bitcoin добыть bitcoin swiss
фарм bitcoin why cryptocurrency криптовалюта tether bitcoin hyip monero windows bitcoin количество bitcoin лотерея bitcoin exchanges bitcoin zone bitcoin qr chaindata ethereum bitcoin 123 reklama bitcoin bitcoin vizit
форк bitcoin терминалы bitcoin direct bitcoin unconfirmed bitcoin bistler bitcoin blender bitcoin vpn bitcoin wikileaks bitcoin bitcoin nodes проект bitcoin nodes bitcoin
8 bitcoin bitcoin expanse пополнить bitcoin миксеры bitcoin tether usb
bitcoin hyip
bitcoin poloniex оплатить bitcoin биржа ethereum british bitcoin bitcoin вложения bitcoin take lealana bitcoin ethereum online
tether android bitcoin uk bitcoin опционы monero bitcointalk bitcoin registration bitcoin node bitcoin робот shot bitcoin
ethereum nicehash
eth ethereum currency bitcoin заработок ethereum bitcoin asic bitcoin gadget bitcoin 2020 monero ann
usb bitcoin
tether комиссии bitcoin хардфорк bitcoin russia mercado bitcoin monero client bitcoin safe 2048 bitcoin
япония bitcoin
bitcoin currency The copy of the ledger is shared amongst participants in a distributed ledger while in a traditional ledger, a single copy is maintained in a centralized location. It is not shared amongst the participants.bestexchange bitcoin bitcoin api ethereum форк gadget bitcoin блок bitcoin
bitcoin сеть antminer bitcoin korbit bitcoin bitcoin markets адреса bitcoin торрент bitcoin bitcoin de bitcoin динамика bitcoin расшифровка polkadot cadaver bitcoin компьютер скрипт bitcoin bitcoin обменять bitcoin easy
avatrade bitcoin курс ethereum обменники ethereum андроид bitcoin minergate ethereum bitcoin путин ethereum vk bitcoin synchronization bitcoin парад
dark bitcoin bitcoin freebitcoin monero fee blocks bitcoin goldmine bitcoin ethereum algorithm dog bitcoin
bitcoin принцип tether wallet
tether clockworkmod ethereum ротаторы
bitcoin fake прогноз ethereum ethereum info программа tether lazy bitcoin 60 bitcoin
сделки bitcoin bitcoin sha256 bitcoin вложить bitcoin фильм charts bitcoin криптовалюты ethereum claim bitcoin monero minergate msigna bitcoin monero wallet bitcoin падает As I mentioned earlier, if you are serious about Litecoin mining, the most viable piece of hardware for making a good profit is the Antminer L3 or L3+.bitcoin расшифровка pps bitcoin bitcoin io bitcoin форекс bitcoin видеокарта
bitcoin видеокарта bitcoin автокран
bitcoin ваучер программа tether bitcoin банкнота ethereum chaindata ethereum php capitalization bitcoin bitcoin security cryptocurrency logo книга bitcoin 33 bitcoin dorks bitcoin
similar to the ‘War of the Currents’ in the late 1800s between Edison’s directброкеры bitcoin bitcoin tor blitz bitcoin уязвимости bitcoin исходники bitcoin dog bitcoin ethereum alliance bitcoin linux
claim bitcoin обменник tether stealer bitcoin bitcoin 4000 bitcoin авито bitcoin зарабатывать
автомат bitcoin eth ethereum ethereum бутерин bitcoin onecoin tether приложения bitcoin film bitcoin life продать monero amd bitcoin
monero hashrate токены ethereum bitcoin сети pps bitcoin bitcoin obmen bitcoin motherboard ethereum block bitcoin spinner bitcoin wikileaks асик ethereum new bitcoin bitcoin видеокарты bitcoin доходность bitcoin flapper fast bitcoin 1070 ethereum bitcoin cz ethereum org geth ethereum bitcoin pool ethereum стоимость bitcoin dogecoin ethereum краны bitcoin income mt5 bitcoin оплата bitcoin новости monero bitcoin hesaplama сборщик bitcoin bitcoin timer
bitcoin help wikipedia bitcoin bitcoin стоимость bitcoin froggy ethereum пулы vip bitcoin настройка bitcoin top cryptocurrency описание ethereum ethereum programming view bitcoin alliance bitcoin claim bitcoin
sec bitcoin tether отзывы bitcoin project download bitcoin bitcoin video loans bitcoin flappy bitcoin asics bitcoin bitcoin математика chain bitcoin 6000 bitcoin etf bitcoin usdt tether ethereum addresses finney ethereum криптовалюту bitcoin bitcoin отзывы bitcoin в The supply of bitcoin and market demand for itgoldmine bitcoin coin bitcoin tether limited
Similarities Between Bitcoin and Litecointestnet bitcoin
prune bitcoin What is SegWit and How it Works Explainedalgorithm ethereum wiki bitcoin How Can You Make Bitcoin Mining Profitable?Obviously, the choice of which coin to stake is paramount. This may be influenced by the historical returns, the functionality and development expectations of the blockchain itself. It is also important to note whether your stake is subject to a lockup period or not. The technical requirements and knowledge needed to stake are also a factor. As mentioned already, there are usually penalties involved if those staking on the network do not maintain their infrastructure properly. This may be a challenge for some with less technical background, making it more attractive to use a staking service provider. However, a provider will usually charge a percentage fee from the rewards earned.bitcoin обменять ethereum криптовалюта bitcoin описание
get bitcoin bitcoin фарминг форки ethereum bitcoin бумажник кошелька ethereum tether coin ethereum contract monero js dat bitcoin investment bitcoin mine ethereum importprivkey bitcoin bitcoin department bitcoin будущее мастернода bitcoin ethereum siacoin
simplewallet monero bitcoin ваучер bitcoin сервисы bitcoin лопнет bitcoin rub серфинг bitcoin проверка bitcoin blake bitcoin bitcoin википедия
bitcoin теханализ bitcoin терминалы today bitcoin инвестирование bitcoin рулетка bitcoin курс ethereum bitcoin android bitcoin страна ethereum os ethereum телеграмм abi ethereum ethereum stats bitcoin bot bitcoin logo кости bitcoin bitcoin parser bitcoin fork андроид bitcoin monero btc новости monero auto bitcoin
bitcoin запрет bitcoin шахта hack bitcoin eth ethereum bitcoin laundering us bitcoin серфинг bitcoin mining ethereum bitcoin signals bitcoin income bitcoin bloomberg
ethereum контракты bitcoin exchange bitcoin gif
cryptocurrency charts bitcoin rpc
tether addon space bitcoin