Proof of work
From Wikipedia, the free encyclopedia
Jump to navigationJump to search
This article may require cleanup to meet Wikipedia's quality standards. The specific problem is: Needs verification and documentation Please help improve this article if you can. (May 2015) (Learn how and when to remove this template message)
Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party (the prover) proves to others (the verifiers) that a certain amount of computational effort has been expended for some purpose. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service *****s such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to the amount of computational effort they have provably expended. PoW and PoS (Proof of Stake) are the two best known consensus mechanisms and in the context of cryptocurrencies also most commonly used.
A key feature of proof-of-work schemes is their asymmetry: the work must be moderately hard (yet feasible) on the prover or requester side but easy to check for the verifier or service provider. This idea is also known as a *****U cost function, client puzzle, computational puzzle, or *****U pricing function. It is distinct in purpose from a CAPTCHA, which is intended for a human to solve quickly, while being difficult to solve for a computer.
Contents
1 Background
2 Variants
3 List of proof-of-work functions
4 Reusable proof-of-work as e-money
4.1 Bitcoin-type proof of work
4.2 Energy consumption
5 ASICs and mining pools
6 See also
7 Notes
8 References
9 External links
Background
One popular system, used in Hashcash, uses partial hash inversions to prove that work was done, as a goodwill token to send an e-mail. For instance, the following header represents about 252 hash computations to send a message to [email protected] on January 19, 2038:
X-Hashcash: 1:52:380119:[email protected]:::9B760005E92F0DAE
It is verified with a single computation by checking that the SHA-1 hash of the stamp (omit the header name X-Hashcash: including the colon and any amount of whitespace following it up to the digit '1') begins with 52 binary zeros, that is 13 hexadecimal zeros:
0000000000000756af69e2ffbdb930261873cd71
Whether PoW systems can actually solve a particular denial-of-service issue such as the spam problem is subject to debate; the system must make sending spam emails obtrusively unproductive for the spammer, but should also not prevent legitimate users from sending their messages. In other words, a genuine user should not encounter any difficulties when sending an email, but an email spammer would have to expend a considerable amount of computing power to send out many emails at once. Proof-of-work systems are being used as a primitive by other more complex cryptographic systems such as bitcoin which uses a system similar to Hashcash.
Variants
There are two classes of proof-of-work protocols.
Challenge–response protocols assume a direct interactive link between the requester (client) and the provider (server). The provider chooses a challenge, say an item in a set with a property, the requester finds the relevant response in the set, which is sent back and checked by the provider. As the challenge is chosen on the spot by the provider, its difficulty can be adapted to its current load. The work on the requester side may be bounded if the challenge-response protocol has a known solution (chosen by the provider), or is known to exist within a bounded search space.
Proof of Work challenge response.svg
Solution–verification protocols do not assume such a link: as a result, the problem must be self-imposed before a solution is sought by the requester, and the provider must check both the problem choice and the found solution. Most such schemes are unbounded probabilistic iterative procedures such as Hashcash.
Proof of Work solution verification.svg
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean).[further explanation needed] A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.
There are also fixed-cost functions such as the time-lock puzzle.
Moreover, the underlying functions used by these schemes may be:
*****U-bound where the computation runs at the speed of the processor, which greatly varies in time, as well as from high-end server to low-end portable devices.
Memory-bound where the computation speed is bound by main memory accesses (either latency or bandwidth), the performance of which is expected to be less sensitive to hardware evolution.
Network-bound if the client must perform few computations, but must collect some tokens from remote servers before querying the final service provider. In this sense, the work is not actually performed by the requester, but it incurs delays anyway because of the latency to get the required tokens.
Finally, some PoW systems offer shortcut computations that allow participants who know a secret, typically a private key, to generate cheap PoWs. The rationale is that mailing-list holders may generate stamps for every recipient without incurring a high cost. Whether such a feature is desirable depends on the usage scenario.
List of proof-of-work functions
Here is a list of known proof-of-work functions:
Integer square root modulo a large prime[dubious – discuss]
Weaken Fiat–Shamir signatures
Ong–Schnorr–Shamir signature broken by Pollard
Partial hash inversion This paper formalizes the idea of a proof of work and introduces "the dependent idea of a bread pudding protocol", a "re-usable proof-of-work" (RPoW) system.
Hash sequences
Puzzles
Diffie–Hellman–based puzzle
Moderate
Mbound
Hokkaido
Cuckoo Cycle
Merkle tree–based
Guided tour puzzle protocol
Reusable proof-of-work as e-money
Computer scientist Hal Finney built on the proof-of-work idea, yielding a system that exploited reusable proof of work (RPoW). The idea of making proofs of work reusable for some practical purpose had already been established in 1999. Finney's purpose for RPoW was as token money. Just as a gold coin's value is thought to be underpinned by the value of the raw gold needed to make it, the value of an RPoW token is guaranteed by the value of the real-world resources required to 'mint' a PoW token. In Finney's version of RPoW, the PoW token is a piece of Hashcash.
A website can demand a PoW token in exchange for service. Requiring a PoW token from users would inhibit frivolous or excessive use of the service, sparing the service's underlying resources, such as bandwidth to the Internet, computation, disk space, electricity, and administrative overhead.
Finney's RPoW system differed from a PoW system in permitting the random exchange of tokens without repeating the work required to generate them. After someone had "spent" a PoW token at a website, the website's operator could exchange that "spent" PoW token for a new, unspent RPoW token, which could then be spent at some third-party website similarly equipped to accept RPoW tokens. This would save the resources otherwise needed to 'mint' a PoW token. The anti-counterfeit property of the RPoW token was guaranteed by remote attestation. The RPoW server that exchanges a used PoW or RPoW token for a new one of equal value uses remote attestation to allow any interested party to verify what software is running on the RPoW server. Since the source code for Finney's RPoW software was published (under a BSD-like license), any sufficiently knowledgeable programmer could, by inspecting the code, verify that the software (and, by extension, the RPoW server) never issued a new token except in exchange for a spent token of equal value.
Until 2009, Finney's system was the only RPoW system to have been implemented; it never saw economically significant use.
RPoW is protected by the private keys stored in the trusted platform module (TPM) hardware and manufacturers holding TPM private keys. Stealing a TPM manufacturer's key or obtaining the key by examining the TPM chip itself would subvert that assurance.
Bitcoin-type proof of work
In 2009, the Bitcoin network went online. Bitcoin is a proof-of-work cryptocurrency that, like Finney's RPoW, is also based on the Hashcash PoW. But in Bitcoin, double-spend protection is provided by a decentralized P2P protocol for tracking transfers of coins, rather than the hardware trusted computing function used by RPoW. Bitcoin has better trustworthiness because it is protected by computation. Bitcoins are "mined" using the Hashcash proof-of-work function by individual miners and verified by the decentralized nodes in the P2P bitcoin network.
The difficulty is periodically adjusted to keep the block time around a target time.
Energy consumption
Since the creation of Bitcoin, proof-of-work has been the predominant design of peer-to-peer cryptocurrency. Many studies have been looking at the energy consumption of mining. The PoW mechanism requires a vast amount of computing resources, which consume a significant amount of electricity. Bitcoin's energy consumption can power an entire country.
However, there is no alternative design known that could replace proof-of-work but keeps its desirable attributes such as:[citation needed]
permissionless mining
fair distribution of coins
security against many known attacks
bootstrappability of new nodes in a hostile environment
graceful degradation and recovery even in the face of a successful attack or network failure
unforgeable and statically verifiable costliness
Also, there have been many attempts at making proof-of-work use non-specialist hardware. However, this is neither possible, because any specific proof-of-work function can be optimised with hardware, nor desirable, because specialist mining equipment improves security by committing miners to the specific network they are mining for.[citation needed]
ASICs and mining pools
Within the Bitcoin community there are groups working together in mining pools. Some miners use application-specific integrated circuits (ASICs) for PoW. This trend toward mining pools and specialized ASICs has made mining some cryptocurrencies economically infeasible for most players without access to the latest ASICs, nearby sources of inexpensive energy, or other special advantages.
Some PoWs claim to be ASIC-resistant, i.e. to limit the efficiency gain that an ASIC can have over commodity hardware, like a GPU, to be well under an order of magnitude. ASIC resistance has the advantage of keeping mining economically feasible on commodity hardware, but also contributes to the corresponding risk that an attacker can briefly rent access to a large amount of unspecialized commodity processing power to launch a 51% attack against a cryptocurrency.
The old friction between technologists and managementdark bitcoin php bitcoin p2pool monero dogecoin bitcoin карты bitcoin gold cryptocurrency
ethereum монета
20 bitcoin
ethereum cryptocurrency token ethereum korbit bitcoin bitcoin hesaplama tether bootstrap bitcoin рухнул bitcoin hesaplama кран bitcoin bitcoin обменники bitcoin symbol bitcoin knots ethereum продать bitcoin rus monero free But I hope that I have given you a sense of the enormous promise of Bitcoin. Far from a mere libertarian fairy tale or a simple Silicon Valley exercise in hype, Bitcoin offers a sweeping vista of opportunity to reimagine how the financial system can and should work in the Internet era, and a catalyst to reshape that system in ways that are more powerful for individuals and businesses alike.Part Ibitcoin 2016 bitcoin комбайн bitcoin fox зарегистрироваться bitcoin bitcoin cny bitcoin code clicker bitcoin wired tether bitcoin cli bubble bitcoin
mercado bitcoin avatrade bitcoin bitcoin ads
email bitcoin coindesk bitcoin мерчант bitcoin bitcoin home ethereum рост
курса ethereum ethereum myetherwallet calculator cryptocurrency ethereum blockchain bitcoin king ethereum coins analysis bitcoin ico bitcoin store bitcoin ethereum fork Miningbitcoin vip tether 4pda abi ethereum bitcoin кредиты вывод monero зарегистрироваться bitcoin заработка bitcoin habrahabr bitcoin sec bitcoin bitcoin mining bitcoin bow
paidbooks bitcoin bitcoin price статистика ethereum ethereum краны importprivkey bitcoin ethereum news ethereum io bitcoin strategy bitcoin client
ethereum investing qr bitcoin bitcoin бесплатно ethereum casper
ethereum stats депозит bitcoin roboforex bitcoin цены bitcoin 2016 bitcoin avatrade bitcoin During the first year, the price doesn’t change; the ten new buyers with $10,000 in total new capital can easily buy the 100 new coins (10 coins each), and the price per coin remains $100.Note: A mining rig is basically a group of computers that are only set up to mine cryptocurrency! The more computers you have in your rig, the more you can mine!A third variety of stablecoin, known as an algorithmic stablecoin, isn’t collateralized at all; instead, coins are either burned or created to keep the coin’s value in line with the target price. Say the coin drops from the target price of $1 to $0.75. The algorithm will automatically destroy a swathe of the coins to introduce more scarcity, pushing up the price of the stablecoin. bitcoin ann
tcc bitcoin bitcoin alien datadir bitcoin
bitcoin word
token ethereum
bitcoin surf bitcoin лохотрон bitcoin today bitcoin cgminer bitcoin yen hack bitcoin
mindgate bitcoin bitcoin greenaddress airbitclub bitcoin
бизнес bitcoin hd7850 monero ico cryptocurrency bitcoin get bitcoin box monero client доходность ethereum bitcoin passphrase
ethereum crane bitcoin phoenix stake bitcoin bitcoin 2017
алгоритм ethereum new cryptocurrency
bitcoin счет bitcoin spinner remix ethereum bitcoin paypal bitcoin gadget
bitcoin обмен криптовалюта bitcoin loans bitcoin monero *****uminer доходность ethereum monero пулы
monero amd bitcoin сбор
bitcoin alliance bitcoin видеокарты
bitcoin land
mastering bitcoin кликер bitcoin A hot wallet combines all functions into a single system, typically running on a single computer. Many hot wallets encrypt private keys to deter their use if stolen, but the threat remains. For example, keyloggers, clipboard loggers, and screen capturers can transmit decrypted keys used during manual operations. What a hot wallet may lack in security, it makes up for in convenience. Managing funds and sending payments can be accomplished from a single device.bitcoin investment
ico cryptocurrency bitcoin symbol bitcoin ios ethereum vk ethereum стоимость зарабатывать ethereum bitcoin bux казино ethereum client ethereum ethereum fork bitcoin скрипты
bitcoin legal kong bitcoin claim bitcoin яндекс bitcoin bitcoin card bitcoin сша dollar bitcoin китай bitcoin яндекс bitcoin bitcoin nvidia
bitcoin symbol testnet bitcoin tether верификация bitcoin видеокарты monero benchmark bitcoin котировки
разделение ethereum dapps ethereum bitcoin trend
store bitcoin testnet bitcoin bitcoin cudaminer fx bitcoin новости monero bitcoin 5 форумы bitcoin monero 1060 bitcoin бонусы p2pool monero мониторинг bitcoin by bitcoin bitcoin io пополнить bitcoin bitcoin com история ethereum bitcoin monkey bitcoin daily
bitcoin local The first step is to set up a wallet to store your bitcoin – you will need one, whether you’re buying bitcoin online or with cash. This could be an online wallet (either part of an exchange platform, or via an independent provider), a desktop wallet, a mobile wallet or an offline one (such as a hardware device or a paper wallet).store bitcoin bitcoin charts bitcoin перевод bitcoin goldman транзакции bitcoin bitcoin gif ethereum хешрейт bitcoin earning платформу ethereum mine monero cryptocurrency top cold bitcoin platinum bitcoin
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean). A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.key bitcoin биржа monero bitcoin сервисы bitcoin kurs airbitclub bitcoin bitcointalk bitcoin bitcoin icon dorks bitcoin exchange ethereum hit bitcoin сайте bitcoin sha256 bitcoin халява bitcoin tabtrader bitcoin ethereum виталий bitcoin ads обозначение bitcoin ethereum os видео bitcoin Profitability Before and After ASICbubble bitcoin Protection against physical damagebitcoin mmgp cryptocurrency blog bitcoin topfan bitcoin bitcoin обменять difficulty bitcoin
monero xeon bitcoin акции monero algorithm 16 bitcoin bitcoin euro ethereum конвертер
ebay bitcoin super bitcoin ethereum org клиент ethereum bitcoin gold bitcoin торги 500000 bitcoin electrum bitcoin bitcoin today bitcoin office conference bitcoin bitcoin оборудование дешевеет bitcoin математика bitcoin system bitcoin динамика bitcoin poloniex bitcoin bitcoin magazin bitcoin auto bitcoin tm bitcoin rt plasma ethereum платформ ethereum bitcoin 123 bitfenix bitcoin monero core stealer bitcoin ethereum картинки bitcoin войти
bitcoin easy кошелька ethereum майнить bitcoin
bitcoin qiwi bitcoin net polkadot ico
logo ethereum статистика ethereum bitcoin курс bitcoin neteller ethereum асик new bitcoin bitcoin login bitcoin world bitcoin миллионеры 0 bitcoin avatrade bitcoin bitcoin 50000 bitcoin скачать bitcoin landing in bitcoin курс ethereum bitcoin paypal electrum ethereum
habrahabr bitcoin bitcoin chart bitcoin 123 bitcoin ocean ethereum dao monero кошелек ethereum windows monero blockchain bitcoin farm bitcoin форумы play bitcoin 2x bitcoin основатель ethereum ethereum стоимость bitcoin кошелек фьючерсы bitcoin bitcoin capitalization eos cryptocurrency wallet cryptocurrency bitcoin map eth bitcoin bitcoin darkcoin forex bitcoin poloniex ethereum миллионер bitcoin bitcoin пицца магазин bitcoin remix ethereum bitcoin покер clame bitcoin alipay bitcoin
bonus bitcoin мерчант bitcoin bitcoin is bitcoin эмиссия bitcoin take Litecoin (LTC) is a peer-to-peer digital currency based on a decentralized, open source blockchain network. It was created in 2011 by the MIT graduate and former Google employee Charlie Lee.bitcoin two ethereum explorer bitcoin заработать claymore monero webmoney bitcoin
gift bitcoin криптовалюта monero торрент bitcoin pool bitcoin bitcoin сша bitcoin switzerland bitcoin рулетка field bitcoin bitcoin pps bitcoin tm bitcoin сервера bitcoin foto bitcoin работа coingecko ethereum ethereum dag майнеры ethereum
bitcoin net ethereum linux bitcoin количество bitcoin миллионер
bitcoin instaforex bitcoin rigs
ethereum complexity Mining in the crypto world is the process of keeping blockchain data in check. It involves hard work (done by computers) and results in a slow accumulation of resources – just like mining for minerals. ninjatrader bitcoin source bitcoin asus bitcoin txid ethereum bitcoin коды ethereum 1080 ethereum contracts bitcoin pdf bitcoin рынок bitcoin 123 capitalization cryptocurrency tether apk bitcoin авито крах bitcoin bitcoin unlimited pay bitcoin app bitcoin ethereum github
is bitcoin bitcoin bat nvidia bitcoin dogecoin bitcoin fire bitcoin nxt cryptocurrency bitcoin map bitcoin in bitcoin banks bitcoin background
bitcoin statistic
bitcoin перспективы rate bitcoin bitcoin матрица
fox bitcoin ethereum core love bitcoin zcash bitcoin история bitcoin криптовалют ethereum cryptocurrency wallet monero xmr abi ethereum bitcoin комбайн биржа ethereum
верификация tether bitcoin сбор bitcoin qt установка bitcoin bitcoin s nonce bitcoin
bitcoin maps cryptocurrency wallets транзакция bitcoin ethereum игра
bitcoin mmgp bitcoin генератор заработать monero bitcoin кошелек лото bitcoin особенности ethereum bitcoin 4pda bitcoin book bitcoin оплатить bitcoin приложения bitcoin vk отзывы ethereum
time bitcoin bitcoin книга bitcoin ключи
film bitcoin платформу ethereum сбор bitcoin bitcoin talk nodes bitcoin 1000 bitcoin бесплатные bitcoin blogspot bitcoin bitcoin миксер local ethereum bitcoin com пулы ethereum миксер bitcoin криптовалюты bitcoin Run smart contractsethereum vk In an effort to leverage this technology for their own purposes, Russia has already made strides to make its own cryptocurrency, over concern that bitcoin is used for criminal activity. Once the ‘cryptoruble’, is launched, Russia is then expected to ban all other cryptocurrencies. There has also been talk that China is looking to develop its own cryptocurrency after authorities cracked down on bitcoin trading by banning it. reklama bitcoin bitcoin online script bitcoin
bitcoin office dog bitcoin bitcoin change bitcoin cost monero майнер bitcoin weekly
rpg bitcoin client ethereum bitcoin crypto партнерка bitcoin заработать monero blitz bitcoin
trinity bitcoin
bitcoin converter принимаем bitcoin flappy bitcoin monero difficulty
bitcoin daemon bitcoin счет bitcoin plus 10000 bitcoin bitcoin torrent основатель ethereum миксер bitcoin капитализация bitcoin форумы bitcoin converter bitcoin bitcoin pizza mine ethereum addnode bitcoin bitcoin goldmine bitcoin зебра bitcoin global ethereum проекты hashrate bitcoin bitcoin links cfd bitcoin bitcoin ebay вклады bitcoin atm bitcoin ethereum эфириум bitcoin 1000 ads bitcoin bitcoin математика programming bitcoin ethereum история bitcoin цены hd7850 monero обналичить bitcoin mempool bitcoin bitcoin flex tether обменник криптовалюта tether bitcoin сбербанк
value bitcoin mail bitcoin bitcoin word bitcoin games bitcoin capital
bitcoin ios
bitcoin armory 5 bitcoin cryptocurrency wallet A Guide to Becoming a Blockchain DeveloperDOWNLOAD NOWBlockchain Career GuideSha3Uncles:dark bitcoin bitcoin value Bitcoin volatility is also to an extent driven by holders of large proportions of the total outstanding float of the currency. For bitcoin investors with current holdings above around $10M, it is not clear how they would liquidate a position that large into a fiat position without severely moving the market. Indeed, it may not be clear how they would liquidate a position of that size in a short period of time at all, as most cryptocurrency exchanges impose 24-hour withdrawal limits far below that threshold.This is where many people have justified concerns. Bitcoin requires a high degree of personal responsibility, and so users need to know the basic rules for using Bitcoin safely. The bad news is, if you screw up, you can lose money and never get it back. The good news is, with a few basic pointers and some practice, you can use Bitcoin extremely securely, without fear of loss. Do not get into Bitcoin without understanding these basic concepts:ethereum телеграмм ethereum сайт вложения bitcoin bitcoin maps minergate ethereum homestead ethereum bitcoin x2 bitcoin options seed bitcoin расчет bitcoin bitcoin apk bitcoin акции bitcoin nachrichten что bitcoin bitcoin easy server bitcoin лотерея bitcoin курс bitcoin If the centralized system were to go through a software upgrade, it would halt the entire systemhd bitcoin ютуб bitcoin ethereum crane bitcoin metatrader grayscale bitcoin bitcoin 100 bitcoin magazin bitcoin clicker bitcoin token bitcoin 123
The network requires minimal structure to share transactions. An ad hoc decentralized network of volunteers is sufficient. Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will. Upon reconnection, a node downloads and verifies new blocks from other nodes to complete its local copy of the blockchain.The whole database is stored on a network of thousands of computers called nodes. New information can only be added to the blockchain if more than half of the nodes agree that it is valid and correct. This is called consensus. The idea of consensus is one of the big differences between cryptocurrency and normal banking.ethereum news bitcoin cryptocurrency monero вывод win bitcoin tether wallet ethereum хешрейт 99 bitcoin ethereum casino bitcoin s bitcoin xapo antminer bitcoin bitcoin оплата ethereum dark bitcoin links bitcoin php reverse tether bitcoin 999 банк bitcoin cryptocurrency calculator matteo monero Some cryptocurrency users prefer to keep their digital assets in a physical wallet. Usually, these are devices that look like a USB flash drive. These are not hot wallets because they can only be accessed by being plugged directly into a computer and do not require an internet connection in order for a user to access their cryptocurrency funds.How To Instantly Buy Bitcoin Online With A Credit Cardcapitalization bitcoin
ethereum платформа bitcoin создать bitcoin stock bitcoin security стоимость monero The verification process for the smart contracts is carried out by anonymous parties of the network without the need for a centralized authority, and that’s what makes any smart contract execution on Ethereum a decentralized execution.In 2019, Ethereum Foundation employee Virgil Griffith was arrested by the US government for presenting at a blockchain conference in North Korea.coin bitcoin javascript bitcoin client ethereum bitcoin buying etherium bitcoin avatrade bitcoin bitcoin cap bitcoin weekend tx bitcoin bitcoin сокращение bitcoin cranes
shot bitcoin ethereum rub ethereum org
dao ethereum проблемы bitcoin
ethereum dao bitcoin gpu python bitcoin платформ ethereum bitcoin анимация bitcoin switzerland autobot bitcoin
service bitcoin ethereum сбербанк ethereum майнер bitcoin php airbitclub bitcoin сервисы bitcoin
monero купить ethereum перевод by Paul Gilbitcoin kurs робот bitcoin андроид bitcoin donate bitcoin bitcoin иконка bitcoin переводчик bitcoin gpu trade cryptocurrency ethereum addresses p2pool ethereum бутерин ethereum loan bitcoin ethereum btc bitcoin de bitcoin india flex bitcoin ethereum dao mixer bitcoin робот bitcoin ico monero
