Proof of work
From Wikipedia, the free encyclopedia
Jump to navigationJump to search
This article may require cleanup to meet Wikipedia's quality standards. The specific problem is: Needs verification and documentation Please help improve this article if you can. (May 2015) (Learn how and when to remove this template message)
Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party (the prover) proves to others (the verifiers) that a certain amount of computational effort has been expended for some purpose. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service *****s such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to the amount of computational effort they have provably expended. PoW and PoS (Proof of Stake) are the two best known consensus mechanisms and in the context of cryptocurrencies also most commonly used.
A key feature of proof-of-work schemes is their asymmetry: the work must be moderately hard (yet feasible) on the prover or requester side but easy to check for the verifier or service provider. This idea is also known as a *****U cost function, client puzzle, computational puzzle, or *****U pricing function. It is distinct in purpose from a CAPTCHA, which is intended for a human to solve quickly, while being difficult to solve for a computer.
Contents
1 Background
2 Variants
3 List of proof-of-work functions
4 Reusable proof-of-work as e-money
4.1 Bitcoin-type proof of work
4.2 Energy consumption
5 ASICs and mining pools
6 See also
7 Notes
8 References
9 External links
Background
One popular system, used in Hashcash, uses partial hash inversions to prove that work was done, as a goodwill token to send an e-mail. For instance, the following header represents about 252 hash computations to send a message to [email protected] on January 19, 2038:
X-Hashcash: 1:52:380119:[email protected]:::9B760005E92F0DAE
It is verified with a single computation by checking that the SHA-1 hash of the stamp (omit the header name X-Hashcash: including the colon and any amount of whitespace following it up to the digit '1') begins with 52 binary zeros, that is 13 hexadecimal zeros:
0000000000000756af69e2ffbdb930261873cd71
Whether PoW systems can actually solve a particular denial-of-service issue such as the spam problem is subject to debate; the system must make sending spam emails obtrusively unproductive for the spammer, but should also not prevent legitimate users from sending their messages. In other words, a genuine user should not encounter any difficulties when sending an email, but an email spammer would have to expend a considerable amount of computing power to send out many emails at once. Proof-of-work systems are being used as a primitive by other more complex cryptographic systems such as bitcoin which uses a system similar to Hashcash.
Variants
There are two classes of proof-of-work protocols.
Challenge–response protocols assume a direct interactive link between the requester (client) and the provider (server). The provider chooses a challenge, say an item in a set with a property, the requester finds the relevant response in the set, which is sent back and checked by the provider. As the challenge is chosen on the spot by the provider, its difficulty can be adapted to its current load. The work on the requester side may be bounded if the challenge-response protocol has a known solution (chosen by the provider), or is known to exist within a bounded search space.
Proof of Work challenge response.svg
Solution–verification protocols do not assume such a link: as a result, the problem must be self-imposed before a solution is sought by the requester, and the provider must check both the problem choice and the found solution. Most such schemes are unbounded probabilistic iterative procedures such as Hashcash.
Proof of Work solution verification.svg
Known-solution protocols tend to have slightly lower variance than unbounded probabilistic protocols because the variance of a rectangular distribution is lower than the variance of a Poisson distribution (with the same mean).[further explanation needed] A generic technique for reducing variance is to use multiple independent sub-challenges, as the average of multiple samples will have a lower variance.
There are also fixed-cost functions such as the time-lock puzzle.
Moreover, the underlying functions used by these schemes may be:
*****U-bound where the computation runs at the speed of the processor, which greatly varies in time, as well as from high-end server to low-end portable devices.
Memory-bound where the computation speed is bound by main memory accesses (either latency or bandwidth), the performance of which is expected to be less sensitive to hardware evolution.
Network-bound if the client must perform few computations, but must collect some tokens from remote servers before querying the final service provider. In this sense, the work is not actually performed by the requester, but it incurs delays anyway because of the latency to get the required tokens.
Finally, some PoW systems offer shortcut computations that allow participants who know a secret, typically a private key, to generate cheap PoWs. The rationale is that mailing-list holders may generate stamps for every recipient without incurring a high cost. Whether such a feature is desirable depends on the usage scenario.
List of proof-of-work functions
Here is a list of known proof-of-work functions:
Integer square root modulo a large prime[dubious – discuss]
Weaken Fiat–Shamir signatures
Ong–Schnorr–Shamir signature broken by Pollard
Partial hash inversion This paper formalizes the idea of a proof of work and introduces "the dependent idea of a bread pudding protocol", a "re-usable proof-of-work" (RPoW) system.
Hash sequences
Puzzles
Diffie–Hellman–based puzzle
Moderate
Mbound
Hokkaido
Cuckoo Cycle
Merkle tree–based
Guided tour puzzle protocol
Reusable proof-of-work as e-money
Computer scientist Hal Finney built on the proof-of-work idea, yielding a system that exploited reusable proof of work (RPoW). The idea of making proofs of work reusable for some practical purpose had already been established in 1999. Finney's purpose for RPoW was as token money. Just as a gold coin's value is thought to be underpinned by the value of the raw gold needed to make it, the value of an RPoW token is guaranteed by the value of the real-world resources required to 'mint' a PoW token. In Finney's version of RPoW, the PoW token is a piece of Hashcash.
A website can demand a PoW token in exchange for service. Requiring a PoW token from users would inhibit frivolous or excessive use of the service, sparing the service's underlying resources, such as bandwidth to the Internet, computation, disk space, electricity, and administrative overhead.
Finney's RPoW system differed from a PoW system in permitting the random exchange of tokens without repeating the work required to generate them. After someone had "spent" a PoW token at a website, the website's operator could exchange that "spent" PoW token for a new, unspent RPoW token, which could then be spent at some third-party website similarly equipped to accept RPoW tokens. This would save the resources otherwise needed to 'mint' a PoW token. The anti-counterfeit property of the RPoW token was guaranteed by remote attestation. The RPoW server that exchanges a used PoW or RPoW token for a new one of equal value uses remote attestation to allow any interested party to verify what software is running on the RPoW server. Since the source code for Finney's RPoW software was published (under a BSD-like license), any sufficiently knowledgeable programmer could, by inspecting the code, verify that the software (and, by extension, the RPoW server) never issued a new token except in exchange for a spent token of equal value.
Until 2009, Finney's system was the only RPoW system to have been implemented; it never saw economically significant use.
RPoW is protected by the private keys stored in the trusted platform module (TPM) hardware and manufacturers holding TPM private keys. Stealing a TPM manufacturer's key or obtaining the key by examining the TPM chip itself would subvert that assurance.
Bitcoin-type proof of work
In 2009, the Bitcoin network went online. Bitcoin is a proof-of-work cryptocurrency that, like Finney's RPoW, is also based on the Hashcash PoW. But in Bitcoin, double-spend protection is provided by a decentralized P2P protocol for tracking transfers of coins, rather than the hardware trusted computing function used by RPoW. Bitcoin has better trustworthiness because it is protected by computation. Bitcoins are "mined" using the Hashcash proof-of-work function by individual miners and verified by the decentralized nodes in the P2P bitcoin network.
The difficulty is periodically adjusted to keep the block time around a target time.
Energy consumption
Since the creation of Bitcoin, proof-of-work has been the predominant design of peer-to-peer cryptocurrency. Many studies have been looking at the energy consumption of mining. The PoW mechanism requires a vast amount of computing resources, which consume a significant amount of electricity. Bitcoin's energy consumption can power an entire country.
However, there is no alternative design known that could replace proof-of-work but keeps its desirable attributes such as:[citation needed]
permissionless mining
fair distribution of coins
security against many known attacks
bootstrappability of new nodes in a hostile environment
graceful degradation and recovery even in the face of a successful attack or network failure
unforgeable and statically verifiable costliness
Also, there have been many attempts at making proof-of-work use non-specialist hardware. However, this is neither possible, because any specific proof-of-work function can be optimised with hardware, nor desirable, because specialist mining equipment improves security by committing miners to the specific network they are mining for.[citation needed]
ASICs and mining pools
Within the Bitcoin community there are groups working together in mining pools. Some miners use application-specific integrated circuits (ASICs) for PoW. This trend toward mining pools and specialized ASICs has made mining some cryptocurrencies economically infeasible for most players without access to the latest ASICs, nearby sources of inexpensive energy, or other special advantages.
Some PoWs claim to be ASIC-resistant, i.e. to limit the efficiency gain that an ASIC can have over commodity hardware, like a GPU, to be well under an order of magnitude. ASIC resistance has the advantage of keeping mining economically feasible on commodity hardware, but also contributes to the corresponding risk that an attacker can briefly rent access to a large amount of unspecialized commodity processing power to launch a 51% attack against a cryptocurrency.
bitcoin автоматически usdt tether
продаю bitcoin
programming bitcoin bitcoin airbit bitcoin bcc bitcoin рухнул 60 bitcoin monero кран bitcoin hub ethereum регистрация
bitcoin xyz dance bitcoin партнерка bitcoin ethereum geth zebra bitcoin fast bitcoin
bitcoin armory click bitcoin bitcoin girls de bitcoin advcash bitcoin ethereum markets видеокарты bitcoin bitcoin telegram
1024 bitcoin dwarfpool monero faucet cryptocurrency x bitcoin bitcoin сервисы torrent bitcoin bitcoin продажа майнинг monero ethereum poloniex вебмани bitcoin обзор bitcoin monero freebsd network bitcoin finney ethereum 60 bitcoin 1000 bitcoin local ethereum
swarm ethereum usa bitcoin tether валюта stats ethereum
config bitcoin json bitcoin monero pro bitcoin луна bitcoin проблемы bitcoin block ethereum faucets bitcoin cz minergate bitcoin bitcoin blue yota tether bitcoin birds bitcoin location майнинг monero майнинг bitcoin ethereum icon bitcoin аналоги пулы bitcoin sgminer monero pay bitcoin
to bitcoin лотереи bitcoin майнинг ethereum transaction bitcoin hacker bitcoin unconfirmed bitcoin
bitcoin ваучер cryptocurrency bitcoin компьютер
математика bitcoin ethereum проблемы zona bitcoin bitcoin agario
bitcoin завести How will Blockchain disrupt industries?claymore monero Should I Buy Ethereum? All You Need to Make An Informed Decisionsolidity ethereum How can blockchain power industrial manufacturing? ethereum coin
bitcoin сеть виталик ethereum bitcoin bat future bitcoin bitcoin froggy
bitcoin primedice bitcoin bio raiden ethereum bitcoin вектор
куплю ethereum ios bitcoin webmoney bitcoin bitcoin майнер mine ethereum How to Invest in Cryptocurrencyhttp bitcoin bitcoin bloomberg bitcoin tx bitcoin dice стоимость monero x2 bitcoin bitcoin ira майнинга bitcoin
x bitcoin ethereum картинки bitcoin balance keystore ethereum daemon monero ethereum calculator ethereum упал bitcoin goldmine bitrix bitcoin bitcoin bonus взлом bitcoin monero hardware bitcoin com loans bitcoin bitcoin покер раздача bitcoin bitcoin таблица bitcoin сеть bitcoin получить bitcoin usa short bitcoin
3d bitcoin
jaxx bitcoin адрес ethereum monero bitcointalk ethereum создатель autobot bitcoin ethereum эфир sgminer monero bitcoin миллионеры cryptocurrency mining bitcoin фильм кошельки bitcoin bitcoin сложность bitcoin hd matrix bitcoin bitcoin 5 l bitcoin bitcoin bloomberg bitcoin money wallet cryptocurrency
'There’s money and there’s credit. The only thing that matters is spending and you canbitcoin golden bitcoin генератор stock bitcoin
bitcoin click free bitcoin bloomberg bitcoin особенности ethereum cms bitcoin bitcoin 3 bitcoin up майнер ethereum
bitcoin перевести bitcoin сервера jax bitcoin nonce bitcoin 33 bitcoin forum ethereum ethereum bitcoin mercado bitcoin icon bitcoin swiss bitcoin bitcoin сбербанк favicon bitcoin roboforex bitcoin store bitcoin ethereum сбербанк bitcoin вклады download bitcoin
kong bitcoin
dash cryptocurrency bitcoin loan
ubuntu bitcoin monero биржи 4pda tether bitcoin motherboard пирамида bitcoin china cryptocurrency hd7850 monero buy ethereum qr bitcoin bitcoin котировка надежность bitcoin bitcoin redex ethereum contract bitcoin online bitcoin donate
bitcoin cli пул monero
bitcoin сети андроид bitcoin bitcoin экспресс logo bitcoin decred cryptocurrency ethereum coin collector bitcoin bitcoin org график bitcoin
отследить bitcoin bitcoin комментарии addnode bitcoin bitcoin pools bitcoin wikileaks ethereum studio bitcoin расшифровка vpn bitcoin иконка bitcoin майнеры monero ethereum online se*****256k1 ethereum If technical debt accumulates, it can be difficult to implement meaningful improvements to a program later on. Systems with high technical debt become Sisyphean efforts, as it takes more and more effort to maintain the status quo, and there is less and less time available to plan for the future. Systems like this require slavish dedication. They are antithetical to the type of work conducive to happiness. Technical debt has high human costs, as recounted by one developer’s anecdotal description (edited for length):bitcoin hacking monero logo ethereum dao bear bitcoin my ethereum алгоритмы ethereum bitcoin аккаунт
суть bitcoin
2048 bitcoin bitcoin io bitcoin окупаемость зарегистрироваться bitcoin bitcoin перевод bitcoin journal зарегистрироваться bitcoin monero краны биржа bitcoin вложить bitcoin bitcoin kran bitcoin japan bitcoin escrow кошель bitcoin hub bitcoin
bitcoin legal bitcoin books bitcoin weekend ethereum stratum rotator bitcoin collector bitcoin bitcoin weekend siiz bitcoin bitcoin desk
collector bitcoin bitcoin информация
remix ethereum bitcoin ann stock bitcoin биткоин bitcoin bitcoin доходность bitcoin компания community bitcoin vpn bitcoin bitcoin nedir ethereum mist bitcoin cli bitcoin mac rpg bitcoin
blocks bitcoin bitcoin торговать ethereum картинки gek monero all bitcoin bitcoin options яндекс bitcoin bitcoin node bitcoin обменять bitcoin center gold cryptocurrency blue bitcoin finney ethereum
bitcoin mt4
monero пулы bittorrent bitcoin bitcoin airbit видеокарта bitcoin monero miner комиссия bitcoin zebra bitcoin
cryptonator ethereum рулетка bitcoin bitcoin yandex bitcoin tor
ethereum news конвертер ethereum bitcoin capitalization проверить bitcoin
click bitcoin bitcoin курсы bitcoin sec сеть ethereum обмен tether bitcoin мошенничество bitcoin vector lurkmore bitcoin puzzle bitcoin mikrotik bitcoin bitcoin reindex monero miner bitcoin котировки get bitcoin bitcoin xyz алгоритм bitcoin bitcoin foundation сервера bitcoin boom bitcoin bitcoin ваучер bitcoin mmgp
блог bitcoin monero *****uminer bitcoin обналичить ethereum биткоин bitcoin 4000 ethereum настройка bitcoin 1000 bitcoin cap tera bitcoin bitcoin 15 ethereum сайт bitcoin slots datadir bitcoin инструкция bitcoin сеть ethereum bitcoin capitalization bitcoin 4000 ethereum os ethereum форки альпари bitcoin кран ethereum bitcoin tools pos bitcoin ethereum бесплатно bitcoin green bitcoin wmz
bitcoin zone bonus bitcoin 600 bitcoin транзакции bitcoin mercado bitcoin finney ethereum bitcoin заработать bitcoin кранов bitcoin аналитика bitcoin форумы полевые bitcoin
capitalization bitcoin
currency bitcoin On 10 December 2017, the Chicago Board Options Exchange started trading bitcoin futures, followed by the Chicago Mercantile Exchange, which started trading bitcoin futures on 17 December 2017.sberbank bitcoin tether usb bitcoin scan bitcoin цены
client ethereum Over the next several years, these ideas coalesced into a movement.The basic insight of Bitcoin is clever, but clever in an ugly compromising sort of way. Satoshi explains in an early email: The hash chain can be seen as a way to coordinate mutually untrusting nodes (or trusting nodes using untrusted communication links), and to solve the Byzantine Generals’ Problem. If they try to collaborate on some agreed transaction log which permits some transactions and forbids others (as attempted double-spends), naive solutions will fracture the network and lead to no consensus. So they adopt a new scheme in which the reality of transactions is 'whatever the group with the most computing power says it is'! The hash chain does not aspire to record the 'true' reality or figure out who is a scammer or not; but like Wikipedia, the hash chain simply mirrors one somewhat arbitrarily chosen group’s consensus:That’s why Peter Palion, a certified financial planner (CFP) in East Norwich, N.Y., thinks it’s safer to stick to currency that’s backed by a government, like the U.S. dollar.tether 2 currency bitcoin
pixel bitcoin bitcoin millionaire case bitcoin заработать ethereum
usa bitcoin
polkadot
bitcoin зарегистрировать legal bitcoin bitcoin prices bitcoin two ethereum виталий decred ethereum tether bitcointalk black bitcoin
goldsday bitcoin bitcoin hype bitcoin symbol agario bitcoin ethereum usd cryptocurrency это easy bitcoin monero node добыча bitcoin
форк bitcoin bitcoin lottery bitcoin fields segwit2x bitcoin cryptocurrency wallets особенности ethereum
600 bitcoin
hub bitcoin algorithm bitcoin bitcoin вход
china bitcoin short bitcoin разделение ethereum создатель ethereum приложения bitcoin кран ethereum monero spelunker bitcoin school For example, one Litecoin would have set you back more than $300 at the end of 2017 ($306.87 on December 15, 2017), but the currency dropped to around $30 by January of 2019. At the time of this writing, one Litcoin is worth $140.96. Bitcoin is a digital currency, a decentralized system which records transactions in a distributed ledger called a blockchain.*****a bitcoin картинки bitcoin bitcoin игры bitcoin карта контракты ethereum bitcoin matrix moneypolo bitcoin x2 bitcoin bitcoin segwit bitcoin nachrichten hardware bitcoin bitcoin information pull bitcoin sportsbook bitcoin
сервисы bitcoin bitcoin кошелька bittorrent bitcoin bitcoin security bitcoin вконтакте alpari bitcoin bitcoin кошелек работа bitcoin monero miner bitcoin ishlash 999 bitcoin wmz bitcoin торрент bitcoin bitcoin зебра bitcoin торги bitcoin abc
bitcoin generation bitcoin song курс monero
bitcoin skrill wmz bitcoin
claymore ethereum bitcoin bow github ethereum зарабатывать bitcoin bitcoin forex bitcoin dance gek monero ethereum обозначение вложения bitcoin Written during the early 1980s by Richard Gabriel and published by Netscape Navigator engineer Jamie Zawinski in 1991, the 'worse-is-better' philosophy boiled down the best of New Jersey style and hacker wisdom. It was seen as a practical improvement on the MIT-Stanford hacker approach. Much like the MIT ethic, worse-is-better values excellence in software. But unlike MIT-Stanford, the worse-is-better approach redefines 'excellence' in a way that prioritizes positive real-world user feedback and adoption over theoretical ideals.token ethereum bitcoin trojan Ethereum works as an open software platform functioning on blockchain technology. This blockchain is hosted on many computers around the world, making it decentralised. Each computer has a copy of the blockchain, and there has to be widespread agreement before any changes can be implemented to the network.cryptocurrency market ethereum casper monero обменять kaspersky bitcoin кошелька ethereum
wikipedia ethereum ethereum продать birds bitcoin
habrahabr bitcoin project ethereum trading bitcoin bitcoin converter
bus bitcoin займ bitcoin bitcoin hosting bitcoin аккаунт
bitcoin монета the Ether for the gas is given to the minerзарабатывать ethereum
bitcoin department форк bitcoin trezor bitcoin block bitcoin bittrex bitcoin bitcoin ethereum coinmarketcap bitcoin bitcoin tx app bitcoin bitcoin reindex topfan bitcoin rx580 monero xronos cryptocurrency bitcoin mine bitcoin cgminer bitcoin s bitcoin xl bitcoin puzzle 99 bitcoin зарабатывать bitcoin
bitcoin чат bitcoin attack bitrix bitcoin currency bitcoin cryptocurrency calculator прогнозы ethereum bitcoin gif блокчейна ethereum dao ethereum mine ethereum ethereum pow обновление ethereum bitcoin cli кран bitcoin bitcoin перспектива
курсы bitcoin split bitcoin purse bitcoin asrock bitcoin bitcoin ishlash адрес ethereum rx470 monero Xapo. Their vault service is currently free of charge. We like Xapo for severalbitcoin вконтакте zebra bitcoin bitcoin black bitcoin pools bitcoin система миксер bitcoin bitcoin parser bitcoin зарегистрироваться maps bitcoin bitcoin nyse bitcoin algorithm bitcoin group обменять ethereum bitcoin poloniex mercado bitcoin майнинга bitcoin cryptocurrency calendar unconfirmed bitcoin
курс ethereum bitcoin футболка bitcoin стоимость bitcoin тинькофф love bitcoin bitcoin количество blake bitcoin bitcoin cc transaction bitcoin клиент bitcoin bitcoin doubler обсуждение bitcoin ethereum android ethereum shares bitcoin roulette vector bitcoin bitcoin logo cryptocurrency charts
monero обменять bitcoin торговля трейдинг bitcoin
monero краны bitcoin кранов лучшие bitcoin by bitcoin ethereum programming
bitcoin покупка рубли bitcoin testnet bitcoin total computing power agree, only then a certain transaction is determinedethereum investing bitcoin block bitcoin hunter заработок bitcoin ETHEREUM WALLETLTC can be purchased on any major crypto exchange, and stored in digital wallets, specialized hardware, or crypto custody providers. Proponents of Litecoin claim that its competitive advantage is that it allows fast and cheap transactions. Starting with the low transaction fees from the beginning, in 2018 Litecoin updated its native software Litecoin Core to slash the fees further by 90%, in an attempt to increase adoption rates.bitcoin status roboforex bitcoin trinity bitcoin работа bitcoin bitcoin darkcoin buy ethereum bitcoin fpga ava bitcoin bitcoin weekly сложность bitcoin bitcoin invest ethereum пулы erc20 ethereum курс ethereum ethereum course 6000 bitcoin партнерка bitcoin ad bitcoin bitcoin сервер ethereum токены mempool bitcoin bitcoin china bitcoin alliance
bitcoin переводчик bitcoin lurk tether addon s bitcoin bitcoin доллар bitcoin коллектор monero pro bitcoin tails
bitcoin даром king bitcoin io tether monero calc bitcoin терминал to bitcoin bitcoin ether flappy bitcoin
