So, I came across this recently when looking back over some old posts from when we were in a similarly long-feeling block--much less PHs back then, though.
Anyway, I thought it'd be a perfect time to bump this to the top--especially to highlight that Kano knows what he's talking about. We got your back, Kano-san.
So, I felt the urge to ramble on about Bitcoin again[...]
Rather than try to edit in and out of the various posts ... here's how mining works
Firstly, mining is exactly the same as rolling a dice ... except for the number of possible solutions!
When you roll a dice, you have a 1 in 6 chance of getting a 6.
There's no progress to getting a 6, ever. You either get a 6 or you don't.
One try = yes or no. No history involved.
With Bitcoin the dice actually has 2^256 sides - yeah that's a pretty big number
~1.579x10^77And ... there's more than one solution that's valid.
Any "side of the dice" that has enough zeros on the front, and is less than a specified value, is a block.
Of that
~1.579x10^77 number, the current difficulty decides how many sides mean we found a block.
The current difficulty is actually "0x17
6c2146" which is called "bits" and is 4 bytes of the data we hash.
"0x17" = 23 decimal and 32-23 = 9 bytes of leading zeros (i.e. 9 times '00')
The rest is "0x
6c2146"
So, what those 2 numbers mean is that any block hash with a hex value of
H=
0x0000000000000000006c21460000000000000000000000000000000000000000 or less is a block
and if you divide 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff+1 (
~1.579x10^77) by
H and divide it again by
0x100000000 (
2^32) you will get that network difficulty number:
Nd =
2,603,077,300,218.593which means that every
2^32 times you roll the Bitcoin dice (i.e. hash a full nonce range) you have a 1 in
2,603,077,300,218.593 chance of finding a block.
... and the reason we divide by
0x100000000 again is that the network difficulty number of 1 represents
2^32 hashes
So ... that's how hashing works, but what are we actually hashing?
I wrote a document about it once, I'll repeat a little bit here:
The structure of a block header is an 80 byte binary data set, defined as follows:
Version 4 bytes
Previous Block Hash 32 bytes
Merkle Root 32 bytes
Block Time 4 byte Unix Timestamp
Required Hash Difficulty 4 bytes
Hash Nonce 4 bytes
So looking at that we can vary 3 things:
Merkle root, Block Time and Hash Nonce
Normal hashing is to setup everything except the Hash Nonce and then count the Hash Nonce from 0 to
2^32-1 and hash each one.
Hashing the full Nonce range from 0 to
2^32-1 is also called 1 difficulty.
With stratum we can modify the Merkle Root to generate a different block header to hash the Nonce range.
The Merkle Root is a hash tree of the transactions we include in the block, however there's one transaction that we can change with stratum, and that is the
coinbase transaction - or
the transaction that pays the miner.
In this transaction we only need to make sure that:
1) It's a valid transaction (which is actually pretty random for the
coinbase transaction due to the "sig" being allowed to contain almost anything as long as it starts with 'height')
2) It pays out to the expected address we want to receive the generated Bitcoins
3) The amount it pays is correct
So for stratum we put a bunch of other 'nonces' in the coinbase sig, that includes a unique number for each miner, and run the others from 0 up to some specified limit to generate a different
coinbase transaction each time, that will generate a unique Merkle Root, to be put in a block header, to be hashed over the full Nonce range.
Thus with the unique number for each miner, and the miner itself following the stratum rules for creating
coinbase transactions, the miner can keep generating a large amount of work that isn't expected to run out before the pool sends it new work.
Lastly, every time the miner finds a hash value that is higher than the difficulty specified by the pool, the miner sends the nonce and the "sig" nonces back to the pool.
The pool hashes those nonces with the values it sent to the miner, and thus verifies it's valid, and thus rewards the miner with the difficulty of the work sent to the miner.
Now one more thing I'll add, that got mention a little while back, is that the miner can't modify the payout address to 'steal' the block.
The reason is that the pool wont get a valid hash of the nonces sent back, so the miner will get no reward. Simple
