Proof of work
From Wikipedia, the free encyclopedia
Jump to navigationJump to search
This article may require cleanup to meet Wikipedia's quality standards. The specific problem is: Needs verification and documentation Please help improve this article if you can. (May 2015) (Learn how and when to remove this template message)
Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party (the prover) proves to others (the verifiers) that a certain amount of computational effort has been expended for some purpose. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service abuses such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to the amount of computational effort they have provably expended. PoW and PoS (Proof of Stake) are the two best known consensus mechanisms and in the context of cryptocurrencies also most commonly used.
A key feature of proof-of-work schemes is their asymmetry: the work must be moderately hard (yet feasible) on the prover or requester side but easy to check for the verifier or service provider. This idea is also known as a CPU cost function, client puzzle, computational puzzle, or CPU pricing function. It is distinct in purpose from a CAPTCHA, which is intended for a human to solve quickly, while being difficult to solve for a computer.
Contents
1 Background
2 Variants
3 List of proof-of-work functions
4 Reusable proof-of-work as e-money
4.1 Bitcoin-type proof of work
4.2 Energy consumption
5 ASICs and mining pools
6 See also
7 Notes
8 References
9 External links
Background
One popular system, used in Hashcash, uses partial hash inversions to prove that work was done, as a goodwill token to send an e-mail. For instance, the following header represents about 252 hash computations to send a message to calvin@comics.net on January 19, 2038:
X-Hashcash: 1:52:380119:calvin@comics.net:::9B760005E92F0DAE
It is verified with a single computation by checking that the SHA-1 hash of the stamp (omit the header name X-Hashcash: including the colon and any amount of whitespace following it up to the digit '1') begins with 52 binary zeros, that is 13 hexadecimal zeros:
0000000000000756af69e2ffbdb930261873cd71
Whether PoW systems can actually solve a particular denial-of-service issue such as the spam problem is subject to debate; the system must make sending spam emails obtrusively unproductive for the spammer, but should also not prevent legitimate users from sending their messages. In other words, a genuine user should not encounter any difficulties when sending an email, but an email spammer would have to expend a considerable amount of computing power to send out many emails at once. Proof-of-work systems are being used as a primitive by other more complex cryptographic systems such as bitcoin which uses a system similar to Hashcash.
Variants
There are two classes of proof-of-work protocols.
Challenge–response protocols assume a direct interactive link between the requester (client) and the provider (server). The provider chooses a challenge, say an item in a set with a property, the requester finds the relevant response in the set, which is sent back and checked by the provider. As the challenge is chosen on the spot by the provider, its difficulty can be adapted to its current load. The work on the requester side may be bounded if the challenge-response protocol has a known solution (chosen by the provider), or is known to exist within a bounded search space.
Proof of Work challenge response.svg
Solution–verification protocols do not assume such a link: as a result, the problem must be self-imposed before a solution is sought by the requester, and the provider must check both the problem choice and the found solution. Most such schemes are unbounded probabilistic iterative procedures such as Hashcash.
Proof of Work solution verification.svg
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean).[further explanation needed] A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.
There are also fixed-cost functions such as the time-lock puzzle.
Moreover, the underlying functions used by these schemes may be:
CPU-bound where the computation runs at the speed of the processor, which greatly varies in time, as well as from high-end server to low-end portable devices.
Memory-bound where the computation speed is bound by main memory accesses (either latency or bandwidth), the performance of which is expected to be less sensitive to hardware evolution.
Network-bound if the client must perform few computations, but must collect some tokens from remote servers before querying the final service provider. In this sense, the work is not actually performed by the requester, but it incurs delays anyway because of the latency to get the required tokens.
Finally, some PoW systems offer shortcut computations that allow participants who know a secret, typically a private key, to generate cheap PoWs. The rationale is that mailing-list holders may generate stamps for every recipient without incurring a high cost. Whether such a feature is desirable depends on the usage scenario.
List of proof-of-work functions
Here is a list of known proof-of-work functions:
Integer square root modulo a large prime[dubious – discuss]
Weaken Fiat–Shamir signatures
Ong–Schnorr–Shamir signature broken by Pollard
Partial hash inversion This paper formalizes the idea of a proof of work and introduces "the dependent idea of a bread pudding protocol", a "re-usable proof-of-work" (RPoW) system.
Hash sequences
Puzzles
Diffie–Hellman–based puzzle
Moderate
Mbound
Hokkaido
Cuckoo Cycle
Merkle tree–based
Guided tour puzzle protocol
Reusable proof-of-work as e-money
Computer scientist Hal Finney built on the proof-of-work idea, yielding a system that exploited reusable proof of work (RPoW). The idea of making proofs of work reusable for some practical purpose had already been established in 1999. Finney's purpose for RPoW was as token money. Just as a gold coin's value is thought to be underpinned by the value of the raw gold needed to make it, the value of an RPoW token is guaranteed by the value of the real-world resources required to 'mint' a PoW token. In Finney's version of RPoW, the PoW token is a piece of Hashcash.
A website can demand a PoW token in exchange for service. Requiring a PoW token from users would inhibit frivolous or excessive use of the service, sparing the service's underlying resources, such as bandwidth to the Internet, computation, disk space, electricity, and administrative overhead.
Finney's RPoW system differed from a PoW system in permitting the random exchange of tokens without repeating the work required to generate them. After someone had "spent" a PoW token at a website, the website's operator could exchange that "spent" PoW token for a new, unspent RPoW token, which could then be spent at some third-party website similarly equipped to accept RPoW tokens. This would save the resources otherwise needed to 'mint' a PoW token. The anti-counterfeit property of the RPoW token was guaranteed by remote attestation. The RPoW server that exchanges a used PoW or RPoW token for a new one of equal value uses remote attestation to allow any interested party to verify what software is running on the RPoW server. Since the source code for Finney's RPoW software was published (under a BSD-like license), any sufficiently knowledgeable programmer could, by inspecting the code, verify that the software (and, by extension, the RPoW server) never issued a new token except in exchange for a spent token of equal value.
Until 2009, Finney's system was the only RPoW system to have been implemented; it never saw economically significant use.
RPoW is protected by the private keys stored in the trusted platform module (TPM) hardware and manufacturers holding TPM private keys. Stealing a TPM manufacturer's key or obtaining the key by examining the TPM chip itself would subvert that assurance.
Bitcoin-type proof of work
In 2009, the Bitcoin network went online. Bitcoin is a proof-of-work cryptocurrency that, like Finney's RPoW, is also based on the Hashcash PoW. But in Bitcoin, double-spend protection is provided by a decentralized P2P protocol for tracking transfers of coins, rather than the hardware trusted computing function used by RPoW. Bitcoin has better trustworthiness because it is protected by computation. Bitcoins are "mined" using the Hashcash proof-of-work function by individual miners and verified by the decentralized nodes in the P2P bitcoin network.
The difficulty is periodically adjusted to keep the block time around a target time.
Energy consumption
Since the creation of Bitcoin, proof-of-work has been the predominant design of peer-to-peer cryptocurrency. Many studies have been looking at the energy consumption of mining. The PoW mechanism requires a vast amount of computing resources, which consume a significant amount of electricity. Bitcoin's energy consumption can power an entire country.
However, there is no alternative design known that could replace proof-of-work but keeps its desirable attributes such as:[citation needed]
permissionless mining
fair distribution of coins
security against many known attacks
bootstrappability of new nodes in a hostile environment
graceful degradation and recovery even in the face of a successful attack or network failure
unforgeable and statically verifiable costliness
Also, there have been many attempts at making proof-of-work use non-specialist hardware. However, this is neither possible, because any specific proof-of-work function can be optimised with hardware, nor desirable, because specialist mining equipment improves security by committing miners to the specific network they are mining for.[citation needed]
ASICs and mining pools
Within the Bitcoin community there are groups working together in mining pools. Some miners use application-specific integrated circuits (ASICs) for PoW. This trend toward mining pools and specialized ASICs has made mining some cryptocurrencies economically infeasible for most players without access to the latest ASICs, nearby sources of inexpensive energy, or other special advantages.
Some PoWs claim to be ASIC-resistant, i.e. to limit the efficiency gain that an ASIC can have over commodity hardware, like a GPU, to be well under an order of magnitude. ASIC resistance has the advantage of keeping mining economically feasible on commodity hardware, but also contributes to the corresponding risk that an attacker can briefly rent access to a large amount of unspecialized commodity processing power to launch a 51% attack against a cryptocurrency.
bitcoin hub cryptocurrency trading bitcoin сервера polkadot ico bitcoin token лотереи bitcoin microsoft ethereum ethereum кошельки
monero node
bitcoin 2010 ethereum contracts bitcoin lite ethereum swarm валюта monero bitcoin monkey vk bitcoin bitcoin new safe bitcoin scrypt bitcoin 4000 bitcoin заработок ethereum bitcoin dance bitcoin cost
apple bitcoin flypool ethereum bitcoin программирование hash bitcoin
bitcoin maps 100 bitcoin биткоин bitcoin
ethereum project таблица bitcoin bitcoin purchase minergate monero bitcoin puzzle cryptocurrency charts apk tether bitcoin asic bitcoin oil coin bitcoin bitcoin s bitcoin обозначение geth ethereum bitcoin yandex bitcoin иконка
1070 ethereum ethereum проблемы bitcoin car bitcoin capitalization torrent bitcoin стоимость monero bitcoin linux получить bitcoin ethereum видеокарты bitcoin криптовалюта bitcoin 5 block bitcoin location bitcoin bitcoin приложение продам bitcoin apple bitcoin статистика ethereum bitcoin matrix cryptocurrency tech tether android россия bitcoin delphi bitcoin разработчик bitcoin
сайты bitcoin bitcoin scripting bitcoin com ethereum programming check bitcoin ethereum статистика оборудование bitcoin bitcoin мастернода падение ethereum 1000 bitcoin bitcoin conference tinkoff bitcoin bitcoin advcash dat bitcoin котировка bitcoin btc bitcoin fpga bitcoin проект bitcoin биржа monero
zcash bitcoin полевые bitcoin ccminer monero cpuminer monero abc bitcoin casinos bitcoin bitcoin anonymous
difficulty bitcoin bitcoin миллионеры обвал bitcoin краны monero bitcoin adress отследить bitcoin pool monero lightning bitcoin fee bitcoin bitcoin aliexpress
эпоха ethereum bitcoin видеокарты программа ethereum bitcoin spin виджет bitcoin bitcoin motherboard исходники bitcoin testnet bitcoin bitcoin telegram ethereum pow doubler bitcoin bitcoin atm bitcoin wm bitcoin мавроди kran bitcoin ethereum addresses purchase bitcoin coin bitcoin ethereum homestead monero logo bitcoin system обменники bitcoin swarm ethereum bitcoin create bitcoin презентация ethereum addresses The mining world is a whirlwind of change. The tools that you pick up today might be obsolete next year. Some mining pools might fall away while others emerge.комиссия bitcoin 1060 monero ecopayz bitcoin ethereum coingecko bitcoin видео node bitcoin simplewallet monero
bitcoin carding bitcoin biz bitcoin дешевеет coindesk bitcoin bitcoin agario настройка ethereum gif bitcoin bitcoin конвектор bitcoin future криптовалют ethereum galaxy bitcoin wallets cryptocurrency bitcoin github bitcoin location 100 bitcoin ethereum coin
bitcoin yandex ann monero
bitcoin today ann monero bitcoin кранов map bitcoin bitcoin fund card bitcoin monero blockchain txid ethereum bitcoin bow bitcoin ферма bitcoin golden lealana bitcoin bitcoin казахстан weekly bitcoin заработать monero ad bitcoin bitcoin telegram bitcoin халява monero proxy bitcoin программирование bitcoin fasttech ethereum habrahabr hub bitcoin транзакция bitcoin ethereum ubuntu lite bitcoin monero прогноз monero cryptonote tether верификация ethereum serpent технология bitcoin bitcoin price ethereum обвал buy bitcoin monero обмен ethereum обмен шифрование bitcoin video bitcoin bitcoin analysis биржа bitcoin bitcoin торрент lealana bitcoin bitcoin сервисы прогнозы ethereum ethereum programming bitcoin gift
store bitcoin ethereum заработок bitcoin инструкция будущее ethereum кредит bitcoin миксер bitcoin акции bitcoin
удвоитель bitcoin bitcoin автомат shot bitcoin sportsbook bitcoin monero client bitcoin center bitcoin usd telegram bitcoin bitcoin комиссия java bitcoin шрифт bitcoin fpga ethereum bitcoin easy bitcoin habr bitcoin etf
bitcoin okpay bitcoin microsoft приложение tether finex bitcoin ethereum pools bitcoin center символ bitcoin виталий ethereum micro bitcoin bitcoin майнить ssl bitcoin bitcoin paper Genesis Mining Review: Genesis Mining is the largest Bitcoin and scrypt cloud mining provider.One such developer was Vitalik Buterin. He and others like him were focused on the possibilities of using a blockchain with more flexibility to enable scripts and programs to run and eventually power applications what would leverage the decentralization of the blockchain in many new ways.system bitcoin
bitcoin теханализ bitcoin price
робот bitcoin bitcoin metatrader bitcoin plugin куплю ethereum bitcoin free
bitcoin plus ssl bitcoin bitcoin информация bitcoin компьютер
bitcointalk bitcoin bitcoin calc cryptocurrency calculator sportsbook bitcoin best cryptocurrency сбербанк bitcoin airbit bitcoin
bitcoin расчет bitcoin atm
перспективы ethereum topfan bitcoin decred cryptocurrency scrypt bitcoin bitcoin прогнозы ethereum studio tether отзывы bitcoin payza фьючерсы bitcoin flappy bitcoin bitcoin phoenix cryptocurrency calculator bitcoin space
ethereum перспективы bitcoin fpga free ethereum
transactions bitcoin eos cryptocurrency bitcoin zebra bitcoin weekly ethereum падение ethereum difficulty bitcoin shop bitcoin сбербанк bitcoin книги monero 1060 bitcoin игры ads bitcoin metal bitcoin bitcoin machine майнер monero buy tether bitcoin lurk
icons bitcoin etoro bitcoin кошелек ethereum gemini bitcoin addnode bitcoin bitcoin calculator пример bitcoin ethereum история bitcoin earnings connect bitcoin index bitcoin bitcoin автоматом all bitcoin ethereum habrahabr bitcoin eth будущее ethereum торговля bitcoin red bitcoin bitcoin покупка bitcoin рынок cryptocurrency magazine bitcoin монеты bitcoin agario bitcoin registration bitcoin telegram stealer bitcoin bitcoin community chvrches tether hashrate bitcoin monero price проекты bitcoin claymore monero bitcoin часы bitcoin analytics The development of Ripple traces its origins back before cryptocurrencies. In 2013, it began linking to the Bitcoin protocol as Opencoin. The open-source software is free to use, pro-government regulation, and able to send payments to Bitcoin addresses.secp256k1 bitcoin ethereum asic sell ethereum проекта ethereum tether coin torrent bitcoin bitcoin change bitcoin шахты bitcoin ключи space bitcoin
bitcoin utopia rx470 monero bitcoin mt4 bistler bitcoin trade cryptocurrency reddit bitcoin bitcoin отслеживание home bitcoin bitcoin отследить
trade cryptocurrency
love bitcoin mine monero monero краны bitcoin wikileaks First conceived in 1993, the idea of a 'smart contract' was originally described by computer scientist and cryptographer Nick Szabo as a kind of digital vending machine. In his famous example, he described how users could input $1, and receive an item from a machine, in this case a snack or a soft drink.daily bitcoin bitcoin сети bitcoin antminer java bitcoin bitcoin кошелька bitcoin вывести multiply bitcoin сайты bitcoin bitcoin бумажник bitcoin jp bitcoin монеты bitcoin пример
us bitcoin monero benchmark gadget bitcoin bitcoin видеокарта bitcoin tradingview adbc bitcoin credit bitcoin bitcoin форк bitcoin регистрации принимаем bitcoin
перспектива bitcoin
xbt bitcoin bitcoin venezuela bitcoin монет nanopool ethereum
bitcoin multisig monero xeon токены ethereum bitcoin example nova bitcoin bitcoin шахты bitcoin twitter the ethereum wallets cryptocurrency bitcoin group 100 bitcoin
сети ethereum перевод ethereum bitcoin galaxy 3d bitcoin ethereum clix http bitcoin wei ethereum jax bitcoin micro bitcoin Block 0 to Block 4,369,999: 5 Ethermonero новости circle bitcoin The value of '1 BTC' represents 100,000,000 of these. In other words, each bitcoin is divisible by up to 108.ico bitcoin Just as mankind has engineered houses to be used as shelter and cars to be used as transportation, so too can we engineer something to be used as an ideal medium of exchange. But while the dollar is a poorly engineered money (so poor in fact that it relies on coercion for its value), Bitcoin is a brilliantly engineered money.ethereum faucet bitcoin compromised продать ethereum sportsbook bitcoin ethereum прогноз доходность ethereum bitcoin котировка tether usd bitcoin алгоритм store bitcoin tether gps bitcoin poloniex
bitcoin maps bitcoin daemon bcc bitcoin safe bitcoin bitrix bitcoin принимаем bitcoin bitcoin code ethereum github monero xeon
accepts bitcoin x bitcoin bitcoin mine foto bitcoin bitcoin telegram график bitcoin free monero
обмен monero bitcoin analysis
майнер monero bitcoin перевод bitcoin сколько нода ethereum The economic value of cryptocurrency, like all goods and services, comes from supply and demand.Repeat.joker bitcoin monero форк ethereum transactions best bitcoin bank cryptocurrency ethereum addresses 33 bitcoin alpha bitcoin покупка bitcoin coinmarketcap bitcoin bitcoin matrix платформы ethereum bitcoin блокчейн bitcoin foto асик ethereum биржи monero bitcoin payza community bitcoin pokerstars bitcoin faucets bitcoin bitcoin news зебра bitcoin neo cryptocurrency monero carding bitcoin bitcoin окупаемость bitcoin alert криптовалюта tether bubble bitcoin
ethereum bitcoin bitcoin работа bitcoin hype
форумы bitcoin email bitcoin bitcoin graph bitcoin knots monero xeon bitcoin ledger bitcoin серфинг bitcoin casino bitcoin lion tor bitcoin fox bitcoin avatrade bitcoin 🏦казино ethereum боты bitcoin bitcoin конвектор asic monero арбитраж bitcoin лото bitcoin total cryptocurrency bitcoin trading amazon bitcoin pool monero
bitcoin monkey обменять bitcoin ethereum gas bitcoin weekend
box bitcoin bitcoin картинка
mine ethereum bitcoin ishlash ethereum bitcointalk bitcoin get bitcoin qr технология bitcoin bitcoin weekend ethereum habrahabr bitcoin fox ethereum пул куплю ethereum epay bitcoin bitcoin банк up bitcoin кран bitcoin bitcoin партнерка ethereum сбербанк monero pool яндекс bitcoin курс monero secp256k1 ethereum bitcoin two bitcoin mmgp eth ethereum bitcoin weekend ethereum форк generator bitcoin порт bitcoin bitcoin widget bitcoin бесплатно bitcoin аккаунт flypool ethereum cryptocurrency law bitcoin hunter ethereum заработок bitcoin help ecdsa bitcoin cubits bitcoin demo bitcoin bitcoin лопнет банкомат bitcoin bitcoin vpn tether пополнение bitcoin проблемы bitcoin plus500 bitcoin sha256 bitcoin мошенничество ethereum russia ethereum обменники cryptocurrency mining masternode bitcoin bitcoin machine x bitcoin заработать bitcoin exchange ethereum доходность ethereum
пулы bitcoin bitcoin лучшие
reverse tether
coinmarketcap bitcoin bitcoin darkcoin bitcoin php bitcoin easy bitcoin арбитраж bitcoin пул bitcoin компьютер bitcoin song best bitcoin bitcoin litecoin отзывы ethereum monero proxy ethereum инвестинг bitcoin транзакции bitcoin analytics bitcoin vpn bitcoin курс blog bitcoin bitcoin google ethereum кран bitcoin сайты форк bitcoin ecopayz bitcoin bitcoin book bitcoin change bitcoin system lite bitcoin
bitrix bitcoin ann bitcoin 6000 bitcoin nicehash bitcoin
bitcoin knots bitcoin hardfork майнер ethereum monero logo polkadot stingray minergate bitcoin ethereum падает bitcoin hesaplama описание ethereum why cryptocurrency connect bitcoin ethereum ферма bus bitcoin bitcoin стоимость bitcoin carding datadir bitcoin автосборщик bitcoin bitcoin продать ethereum валюта
майнеры monero ethereum supernova вирус bitcoin
bitcoin получение ad bitcoin ethereum stratum bitcoin group de bitcoin cryptonator ethereum конвертер ethereum airbitclub bitcoin token ethereum платформе ethereum abi ethereum bitcoin монеты captcha bitcoin тинькофф bitcoin bitcoin aliexpress bitcoin asic криптовалюта ethereum
bitcoin коллектор vizit bitcoin bitcoin create japan bitcoin
добыча monero 3 bitcoin dash cryptocurrency microsoft bitcoin bitcoin цены удвоить bitcoin koshelek bitcoin bitcoin матрица bitcoin обвал bitcoin maps bitcoin greenaddress форк bitcoin electrum bitcoin usd bitcoin bitcoin компьютер bitcoin daily coindesk bitcoin bitcoin лучшие кошель bitcoin bitcoin сбор bitcoin лопнет bitcoin openssl халява bitcoin генераторы bitcoin locals bitcoin hyip bitcoin ethereum пулы ethereum course bitcoin cz логотип bitcoin poloniex monero
base bitcoin bitcoin hack bitcoin вложения
euro bitcoin coffee bitcoin
bitcoin рухнул ethereum калькулятор mmm bitcoin bitcoin lurkmore
cap bitcoin bitcoin kazanma ethereum contract monero купить bitcoin loan average bitcoin usb bitcoin 5 bitcoin kran bitcoin bitcoin tm ethereum twitter new bitcoin ethereum coins bitcoin step ethereum calculator курс bitcoin bitcoin арбитраж bitcoin doubler flappy bitcoin
ethereum faucet bitcoin онлайн капитализация bitcoin I feel very excited for my children to grow up in such a world, and I am deeply honored to be here in San Jose, working on this project with so many great minds all over the world.